Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiADC 6.2.3 Release Notes
    6.2.3
    8.0.2
    8.0.1
    8.0.0
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.1.5
    7.1.4
    7.1.3
    7.1.2
    7.1.1
    7.1.0
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.6
    6.1.5
    6.1.4
    6.1.3
    6.1.2
    6.1.1
    6.1.0
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.4.4
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.3.7
    5.3.6
    5.3.5
    5.3.4
    5.3.3
    5.3.2
    5.3.1
    5.3.0
    5.2.8
    5.2.7
    5.2.6
    5.2.5
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.1.7
    5.1.6
    5.1.5
    5.1.4
    5.1.3
    5.1.2
    5.1.1
    5.1.0
    5.0.4
    5.0.3
    5.0.2
    5.0.1
    5.0.0
    4.8.8
    4.8.7
    4.8.6
    4.8.5
    4.8.4
    4.8.3
    4.8.2
    4.8.1
    4.8.0
    4.7.4
    4.7.3
    4.7.2
    4.7.1

    Resolved issues

    Resolved issues

    The following issues have been resolved in FortiADC 6.2.3 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.

    Bug ID

    Description
    0788758 SSL Forward Proxy memory leak.
    0783856 CAPTCHA page does not allow Enter key to submit.
    0782707/0775097/0773368

    Httproxy-ssl crash and memory leak issues on WAF enabled VS.
    0782260 Management interface shows as down.
    0782132 Website associated with a VS stops responding intermittently.
    0777422 DNS resolving fails for SDN connectors.
    0777069 TFTP Health Check script does not work.
    0776674 SFP information does not display with diagnose hardware get deviceinfo transceiver CLI command on some hardware models, such as 2200F and 4200F.
    0775509 Pop-up window displaying management IP showing in GUI, FortiView > OWASP Top 10 > A1:2017-Injection.
    0775262 FortiADC Radius SLB with Dynamic Authorization is not functioning correctly and NAT is not applied.
    0774824 Action mismatch between WAF alert and Logs.
    0774607 CPU spikes occurring in both of the paired FortiADC units due to the DNSPod multi-thread daemon accessing null schedule data when the DNS request is very high.
    0774178 Application profile does not accept domain names that include numbers.
    0770832 Debug producing junk output.
    0770608 Unable to register in FortiCare from AWS with FortiADC PAYG instance.
    0770359 Slow failing back time.
    0770037 URL that contain "on" in the string (such as "on1" or "one23") is detected as SQL/XSS injection attack.
    0769573 Telnet and SNMP are enabled by default on port1.

    0766519

    NULL pointer dereference in GREP utility.
    0766502 Ntpdate crash issue.
    0765668 Kernel HA module crash.
    0748175 Support recording TLS/SSL session keys for SMTP STARTTLS traffic.
    0741343 Disable LLDP on Intel XL710 to solve the flapping issue.
    0670544 L2 exception list member limit update to 1000.
    Common Vulnerabilities and Exposures

    For more information, visit https://www.fortiguard.com/psirt.

    0791753 FortiADC 6.2.3 is no longer vulnerable to the following CVE-Reference: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection').

    0790808

    FortiADC 6.2.3 is no longer vulnerable to the following CVE-Reference: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

    0776310

    FortiADC 6.2.3 is no longer vulnerable to the following CVE-Reference: CWE-121: Stack-based Buffer Overflow.

    0771114

    FortiADC 6.2.3 is no longer vulnerable to the following CVE-Reference: CWE-124: Buffer Underwrite ('Buffer Underflow').

    0771102

    FortiADC 6.2.3 is no longer vulnerable to the following CVE-Reference: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow').

    0765175

    FortiADC 6.2.3 is no longer vulnerable to the following CVE-Reference: CWE-134: Use of Externally-Controlled Format String.
    Previous
    Next

    Resolved issues

    Resolved issues

    The following issues have been resolved in FortiADC 6.2.3 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.

    Bug ID

    Description
    0788758 SSL Forward Proxy memory leak.
    0783856 CAPTCHA page does not allow Enter key to submit.
    0782707/0775097/0773368

    Httproxy-ssl crash and memory leak issues on WAF enabled VS.
    0782260 Management interface shows as down.
    0782132 Website associated with a VS stops responding intermittently.
    0777422 DNS resolving fails for SDN connectors.
    0777069 TFTP Health Check script does not work.
    0776674 SFP information does not display with diagnose hardware get deviceinfo transceiver CLI command on some hardware models, such as 2200F and 4200F.
    0775509 Pop-up window displaying management IP showing in GUI, FortiView > OWASP Top 10 > A1:2017-Injection.
    0775262 FortiADC Radius SLB with Dynamic Authorization is not functioning correctly and NAT is not applied.
    0774824 Action mismatch between WAF alert and Logs.
    0774607 CPU spikes occurring in both of the paired FortiADC units due to the DNSPod multi-thread daemon accessing null schedule data when the DNS request is very high.
    0774178 Application profile does not accept domain names that include numbers.
    0770832 Debug producing junk output.
    0770608 Unable to register in FortiCare from AWS with FortiADC PAYG instance.
    0770359 Slow failing back time.
    0770037 URL that contain "on" in the string (such as "on1" or "one23") is detected as SQL/XSS injection attack.
    0769573 Telnet and SNMP are enabled by default on port1.

    0766519

    NULL pointer dereference in GREP utility.
    0766502 Ntpdate crash issue.
    0765668 Kernel HA module crash.
    0748175 Support recording TLS/SSL session keys for SMTP STARTTLS traffic.
    0741343 Disable LLDP on Intel XL710 to solve the flapping issue.
    0670544 L2 exception list member limit update to 1000.
    Common Vulnerabilities and Exposures

    For more information, visit https://www.fortiguard.com/psirt.

    0791753 FortiADC 6.2.3 is no longer vulnerable to the following CVE-Reference: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection').

    0790808

    FortiADC 6.2.3 is no longer vulnerable to the following CVE-Reference: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

    0776310

    FortiADC 6.2.3 is no longer vulnerable to the following CVE-Reference: CWE-121: Stack-based Buffer Overflow.

    0771114

    FortiADC 6.2.3 is no longer vulnerable to the following CVE-Reference: CWE-124: Buffer Underwrite ('Buffer Underflow').

    0771102

    FortiADC 6.2.3 is no longer vulnerable to the following CVE-Reference: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow').

    0765175

    FortiADC 6.2.3 is no longer vulnerable to the following CVE-Reference: CWE-134: Use of Externally-Controlled Format String.
    Previous
    Next