Resolved issues
The following issues have been resolved in FortiADC 6.2.5 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.
Bug ID |
Description |
---|---|
0854842 |
Process crashed when running stress test and system reload. |
0853597 |
Servers in server pool showing as unavailable due to LB crash and Netlink issue. |
0850561 |
SLB stops responding to SSL requests. |
0849916 | SAML inserts a header persistent-id that contains 0x00 making HTTP requests invalid caused by the overflow of characters when the input value exceeds 1023. |
0848099 | The number of VDOMs that can be assigned to administrators through the GUI does not match the CLI. Through the GUI, only 10 VDOMs can be assigned to administrator, whereas 10+ VDOMs can be assigned through the CLI. |
0847369 | VDOM traffic-log does not work when VDOM capacity is exceeded. For VMs (16 or 32 CPU) the VDOM capacity should be 15 or 20, however the VDOM traffic-log stops working after 10 VDOMs are added. For hardware platforms, when the number of VDOMs exceed the capacity (32 in some platforms), the traffic-log does not work for the excess VDOM. |
0846947 |
When the vPath contains %f0, it will cause the error_page to not work. |
0846513 |
Redirecting to HTTPS does not work due to HTTPS service not being enabled automatically on the management port. |
0844072 | Management IP unavailable after switching AP mode to standalone. |
0840608 | WAF Source IP exceptions stopped working for URL protection. |
0840354 | The VM can create up to 15 VDOMs after importing the 16 Cores license, but only 10 corresponding VDOM names are created in /var/log/logrpt/{VDOM}, where the logging for some of the VDOMs are not working. |
0840171 | Route Health Injection leaking between VDOMs. |
0838537 | Administrator who has read/write permission cannot upload certificate in VDOMs. |
0837825 | Improper grammar in log messages. |
0836867 | Unexpected RHI behavior for in A-A-VRRP HA cluster. |
0835425 |
RADIUS virtual server intermittently adds incorrect translated destination port in the forwarded RADIUS requests. |
0831472 |
Issues with VSL4 and SNAT due to IP ARP conflict. |
0830087 |
In the GUI, VDOMs are not showing in the drop-down menu. |
0829597 |
HA A-A mode secondary unit traffic log shows gateway as none. |
0828919 |
L2 SSL Forward Proxy bypassed session and log show incorrect port information. |
0827748 |
FortiADC devices showing consistent slowness. |
0826635 |
FortiADC crashed after changing the virtual server type from Layer 4 to Layer 2. |
0824625 |
IP address in "227 Enter Passive Mode" is changed from virtual to real-server when "227 Enter Passive Mode" is resent. |
0824287 |
Enhancement request to add SAN field for manual CSR creation in GUI and CLI. |
0822767 |
When using the Bot Detection Policy exception to whitelist IPs, the logs still continue to log allowlist matches. |
0821812 |
Clock synchronization failure with local NTP server when the virtual server uses port 123, causing the NTP bind to fail. |
0821776 |
Kernel panic while removing VLAN interface. |
0820934 |
FortiADC GUI interfaces displaying as disabled. |
0818663 |
Cloned IPS signatures cannot be modified. |
0806321 |
Email alerts is being sent in TLS 1.0, but since TLS versions 1.2 or lower has been deprecated, connections lower than TLS 1.2 is not being accepted. |
0802844 |
Unable to login to FortiADC GUI and abnormal behavior in some virtual servers due to tmpfs_control leak issue. |
Common Vulnerabilities and Exposures
For more information, visit https://www.fortiguard.com/psirt.
Bug ID |
Description |
---|---|
0829266 | FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CVE-2022-2097. |
0825708 | FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ("SQL Injection"). |
0825707 | FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CWE-20: Improper Input Validation. |
0797261 | FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CVE-2018-25032. |
0784332 |
FortiADC 6.2.5 is no longer vulnerable to the following CVE-Reference: CWE-321: Use of Hard-coded Cryptographic Key. |