Resolved issues
The following issues have been resolved in FortiADC 7.0.3 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.
Bug ID |
Description |
---|---|
0833188 | miglogd crash for debug function. |
0832344 | Alertd crashed after using Automation to send out "show full" results, via Email action. |
0831420 | SAP SDN Connector parsing issues. |
0831166 | SNMP trap action is unable to add on Automation page. |
0830087 |
FortiADC Web UI does not show VDOMs in drop-down menu. |
0829822 | sapd sdn filter retrieves null pointer. |
0829750 | fnginxctld crash based on issue with longer loading time for websites going through FortiADC. |
0828136 | In the GUI, FortiView > Virtual Server Session filtering does not work. |
0827748 |
FortiADC performance issues as a result of exceeding total tcp_mem limit. |
0827447 | miglogd crash related to FortiAnalyzer. |
0824625 |
FTP passive response retransmit packet has the real-server IP in the payload. |
0824584 | HTTP proxy crashes when uploading WAF JSON schema. |
0823553 | Dashboard is not displaying data. |
0822767 | Allowlist to permit false positive Bots is not working for Bot Detection policy. |
0821776 | Kernel panic while removing VLAN interface. |
0820934 |
FortiADC GUI interfaces displaying as disabled. |
0819733 |
FortiADC PAYG VM is crashing after getting deployed through GCP Marketplace. |
0819216 |
REST API crashed when trying to upload CAPTCHA file. |
0819214 |
Error page is not responding properly to ZTNA triggered deny action. The root of the issue is caused by ZTNA sending the error response too early, causing the error page to be blocked. |
0819097 |
Error message "merge warning" triggers when synchronizing GSLB through Sync List. |
0818711 |
Following a successful request, some WAF modules are not scanning subsequent requests within the same session. Affected WAF modules: Brute Force Attack Detection, Cookie Security, JSON Detection, OpenAPI Validation, and XML Detection. |
0818663 |
Cloned IPS signatures cannot be modified. |
0818128 |
Cannot edit JSON schema entry. |
0817934 |
JSON schema import failing. |
0816794 |
Requests are incorrectly blocked when the Cookie Security is in "Signed" mode. |
0816768 |
REST API crashed when uploading file to SAML IdP. |
0816734 |
Cannot update CORS headers list. |
0816089 |
FortiSandbox Fabric Connector cannot connect type FSA. |
0815653 |
RADIUS persistence is not working. |
0815454 |
Client timeout settings limited to 3600 seconds or less. |
0814475 |
Google OAuth authentication code verification fails with "Malformed auth code" and "match scope failed". |
0811223 |
ZTNA rules cannot be applied properly if multiple EMS have the same ZTNA tag. The ZTNA profile cannot differentiate between the different EMS when the tag is the same. |
0810998 |
Local and remote administrative users unable to log in through GUI. |
0806675 |
L7 SMTP operation issues occurring after firmware update. |
0806321 |
Email alerts is being sent in TLS 1.0, but since TLS versions 1.2 or lower has been deprecated, connections lower than TLS 1.2 is not being accepted. |
0804514 |
HA status incorrectly show as "Not Sync". |
0802844 |
Unable to login to FortiADC GUI and abnormal behavior in some virtual servers due to tmpfs_control leak issue. |
0796054 |
Unable to control SNMP Trap community with Automation Stitches. |
0783548 |
FortiADC resets MySQL connection when concurrent connections are set for MySQL service in L7 VS. |
Common Vulnerabilities and Exposures
For more information, visit https://www.fortiguard.com/psirt.
Bug ID | Description |
---|---|
0833644 |
FortiADC 7.0.3 is no longer vulnerable to the following CVE-Reference: CWE-295: Improper Certificate Validation. |
0825708 |
FortiADC 7.0.3 is no longer vulnerable to the following CVE-Reference: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ("SQL Injection"). |
0825707 |
FortiADC 7.0.3 is no longer vulnerable to the following CVE-Reference: CWE-20: Improper Input Validation. |
0823097 |
FortiADC 7.0.3 is no longer vulnerable to the following CVE-Reference: CWE-79: Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting"). |
0822315 | FortiADC 7.0.3 is no longer vulnerable to the following CVE-Reference: CWE-228: Improper Handling of Syntactically Invalid Structure. |
0797261 | FortiADC 7.0.3 is no longer vulnerable to the following CVE-Reference: CVE-2018-25032. |