Fortinet black logo

Resolved issues

Resolved issues

The following issues have been resolved in FortiADC 6.2.5 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.

Bug ID

Description

0854842

Process crashed when running stress test and system reload.

0853597

Servers in server pool showing as unavailable due to LB crash and Netlink issue.

0850561

SLB stops responding to SSL requests.

0849916 SAML inserts a header persistent-id that contains 0x00 making HTTP requests invalid caused by the overflow of characters when the input value exceeds 1023.
0848099 The number of VDOMs that can be assigned to administrators through the GUI does not match the CLI. Through the GUI, only 10 VDOMs can be assigned to administrator, whereas 10+ VDOMs can be assigned through the CLI.
0847369 VDOM traffic-log does not work when VDOM capacity is exceeded. For VMs (16 or 32 CPU) the VDOM capacity should be 15 or 20, however the VDOM traffic-log stops working after 10 VDOMs are added. For hardware platforms, when the number of VDOMs exceed the capacity (32 in some platforms), the traffic-log does not work for the excess VDOM.

0846947

When the vPath contains %f0, it will cause the error_page to not work.

0846513

Redirecting to HTTPS does not work due to HTTPS service not being enabled automatically on the management port.

0844072 Management IP unavailable after switching AP mode to standalone.
0840608 WAF Source IP exceptions stopped working for URL protection.
0840354 The VM can create up to 15 VDOMs after importing the 16 Cores license, but only 10 corresponding VDOM names are created in /var/log/logrpt/{VDOM}, where the logging for some of the VDOMs are not working.
0840171 Route Health Injection leaking between VDOMs.
0838537 Administrator who has read/write permission cannot upload certificate in VDOMs.
0837825 Improper grammar in log messages.
0836867 Unexpected RHI behavior for in A-A-VRRP HA cluster.

0835425

RADIUS virtual server intermittently adds incorrect translated destination port in the forwarded RADIUS requests.

0831472

Issues with VSL4 and SNAT due to IP ARP conflict.

0830087

In the GUI, VDOMs are not showing in the drop-down menu.

0829597

HA A-A mode secondary unit traffic log shows gateway as none.

0828919

L2 SSL Forward Proxy bypassed session and log show incorrect port information.

0827748

FortiADC devices showing consistent slowness.

0826635

FortiADC crashed after changing the virtual server type from Layer 4 to Layer 2.

0824625

IP address in "227 Enter Passive Mode" is changed from virtual to real-server when "227 Enter Passive Mode" is resent.

0824287

Enhancement request to add SAN field for manual CSR creation in GUI and CLI.

0822767

When using the Bot Detection Policy exception to whitelist IPs, the logs still continue to log allowlist matches.

0821812

Clock synchronization failure with local NTP server when the virtual server uses port 123, causing the NTP bind to fail.

0821776

Kernel panic while removing VLAN interface.

0820934

FortiADC GUI interfaces displaying as disabled.

0818663

Cloned IPS signatures cannot be modified.

0806321

Email alerts is being sent in TLS 1.0, but since TLS versions 1.2 or lower has been deprecated, connections lower than TLS 1.2 is not being accepted.

0802844

Unable to login to FortiADC GUI and abnormal behavior in some virtual servers due to tmpfs_control leak issue.

Common Vulnerabilities and Exposures

For more information, visit https://www.fortiguard.com/psirt.

Bug ID

Description

0829266 FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CVE-2022-2097.
0825708 FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ("SQL Injection").
0825707 FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CWE-20: Improper Input Validation.
0797261 FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CVE-2018-25032.

0784332

FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CWE-321: Use of Hard-coded Cryptographic Key.

Resolved issues

The following issues have been resolved in FortiADC 6.2.5 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.

Bug ID

Description

0854842

Process crashed when running stress test and system reload.

0853597

Servers in server pool showing as unavailable due to LB crash and Netlink issue.

0850561

SLB stops responding to SSL requests.

0849916 SAML inserts a header persistent-id that contains 0x00 making HTTP requests invalid caused by the overflow of characters when the input value exceeds 1023.
0848099 The number of VDOMs that can be assigned to administrators through the GUI does not match the CLI. Through the GUI, only 10 VDOMs can be assigned to administrator, whereas 10+ VDOMs can be assigned through the CLI.
0847369 VDOM traffic-log does not work when VDOM capacity is exceeded. For VMs (16 or 32 CPU) the VDOM capacity should be 15 or 20, however the VDOM traffic-log stops working after 10 VDOMs are added. For hardware platforms, when the number of VDOMs exceed the capacity (32 in some platforms), the traffic-log does not work for the excess VDOM.

0846947

When the vPath contains %f0, it will cause the error_page to not work.

0846513

Redirecting to HTTPS does not work due to HTTPS service not being enabled automatically on the management port.

0844072 Management IP unavailable after switching AP mode to standalone.
0840608 WAF Source IP exceptions stopped working for URL protection.
0840354 The VM can create up to 15 VDOMs after importing the 16 Cores license, but only 10 corresponding VDOM names are created in /var/log/logrpt/{VDOM}, where the logging for some of the VDOMs are not working.
0840171 Route Health Injection leaking between VDOMs.
0838537 Administrator who has read/write permission cannot upload certificate in VDOMs.
0837825 Improper grammar in log messages.
0836867 Unexpected RHI behavior for in A-A-VRRP HA cluster.

0835425

RADIUS virtual server intermittently adds incorrect translated destination port in the forwarded RADIUS requests.

0831472

Issues with VSL4 and SNAT due to IP ARP conflict.

0830087

In the GUI, VDOMs are not showing in the drop-down menu.

0829597

HA A-A mode secondary unit traffic log shows gateway as none.

0828919

L2 SSL Forward Proxy bypassed session and log show incorrect port information.

0827748

FortiADC devices showing consistent slowness.

0826635

FortiADC crashed after changing the virtual server type from Layer 4 to Layer 2.

0824625

IP address in "227 Enter Passive Mode" is changed from virtual to real-server when "227 Enter Passive Mode" is resent.

0824287

Enhancement request to add SAN field for manual CSR creation in GUI and CLI.

0822767

When using the Bot Detection Policy exception to whitelist IPs, the logs still continue to log allowlist matches.

0821812

Clock synchronization failure with local NTP server when the virtual server uses port 123, causing the NTP bind to fail.

0821776

Kernel panic while removing VLAN interface.

0820934

FortiADC GUI interfaces displaying as disabled.

0818663

Cloned IPS signatures cannot be modified.

0806321

Email alerts is being sent in TLS 1.0, but since TLS versions 1.2 or lower has been deprecated, connections lower than TLS 1.2 is not being accepted.

0802844

Unable to login to FortiADC GUI and abnormal behavior in some virtual servers due to tmpfs_control leak issue.

Common Vulnerabilities and Exposures

For more information, visit https://www.fortiguard.com/psirt.

Bug ID

Description

0829266 FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CVE-2022-2097.
0825708 FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ("SQL Injection").
0825707 FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CWE-20: Improper Input Validation.
0797261 FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CVE-2018-25032.

0784332

FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CWE-321: Use of Hard-coded Cryptographic Key.