Fortinet black logo

Release Notes

Home FortiADC 7.0.4 Release Notes
7.0.4
7.4.3
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.1.4
7.1.3
7.1.2
7.1.1
7.1.0
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.1.6
6.1.5
6.1.4
6.1.3
6.1.2
6.1.1
6.1.0
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.4.4
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.3.7
5.3.6
5.3.5
5.3.4
5.3.3
5.3.2
5.3.1
5.3.0
5.2.8
5.2.7
5.2.6
5.2.5
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.1.7
5.1.6
5.1.5
5.1.4
5.1.3
5.1.2
5.1.1
5.1.0
5.0.4
5.0.3
5.0.2
5.0.1
5.0.0
4.8.8
4.8.7
4.8.6
4.8.5
4.8.4
4.8.3
4.8.2
4.8.1
4.8.0
4.7.4
4.7.3
4.7.2
4.7.1

Resolved issues

Resolved issues

The following issues have been resolved in FortiADC 7.0.4 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.

Bug ID

Description
0864197 Azure Load Balance backend IP can be duplicated with each other, resulting in the VS IP-port pair to be conflicted due to referencing the same IP-port.
0862865 Layer 7 virtual server frontend SNI incorrectly contains real server local certificate.
0860897 Unable to add RADIUS users as a FortiADC administrator.
0860196 Unable to modify RADIUS server from the GUI when the VDOM is disabled.
0857863/0857019 FortiADC console displays kernel related messages when execute reload command is executed.
0856019 Redirect Service Port is not hidden when the HTTP Redirect to HTTPS is disabled.
0855871 Upgrade failed with down time.
0853597 Servers in server pool showing as unavailable due to LB crash and Netlink issue.
0850564 On the GCP platform, address book conflict warning is falsely triggered due to memory overflow causing an expected error message in the /tmp/address_book_conflicts.log file.
0850561 SLB stops responding to SSL requests.
0849916 SAML inserts a header persistent-id that contains 0x00 making HTTP requests invalid caused by the overflow of characters when the input value exceeds 1023.
0848595 VDOM local admin is unable to create or modify reports.
0847611 High spike in CPU usage and random reboots.
0847369 VDOM traffic-log does not work when VDOM capacity is exceeded. For VMs (16 or 32 CPU) the VDOM capacity should be 15 or 20, however the VDOM traffic-log stops working after 10 VDOMs are added. For hardware platforms, when the number of VDOMs exceed the capacity (32 in some platforms), the traffic-log does not work for the excess VDOM.
0846947 When the vPath contains %f0, it will cause the error_page to not work.
0846804 When configuring SNMP Community for Traps, the GUI does not prevent long strings from being saved. However, these long strings will be truncated when they exceed 64 characters when the SNMP Community is sent.
0846337 When two virtual servers with the same IP address but different ports configured and one is disabled, the BGP stops advertising the IP for both virtual servers.
0846292 WAD failed to monitor files that contain special characters in the name.
0844072 Management IP unavailable after switching AP mode to standalone.
0840608 WAF Source IP exceptions stopped working for URL protection.
0840354 The VM can create up to 15 VDOMs after importing the 16 Cores license, but only 10 corresponding VDOM names are created in /var/log/logrpt/ {VDOM}, where the logging for some of the VDOMs are not working.
0840171 Route Health Injection leaking between VDOMs.
0839662 Ping fails when VLAN is created with special characters.
0839661 Improper grammar in error message.
0839521 In GCP, the licd fails to bind due to an improper bindkey type in the dhcpd that assigns a wrong bindkey to the cmdb.
0838537 Administrator who has read/write permission cannot upload certificate in VDOMs.
0838200 Hyphens in the address object name is not accepted after upgrading to 6.2.x and performing a configuration restore.
0837825 Improper grammar in log messages.
0836867 Unexpected RHI behavior for in A-A-VRRP HA cluster.
0835909 In WAD, cannot delete the files on the server when the file names contain special characters.
0832367 For Automation email actions, the number of times the action is triggered does not match the number of times the email alert is actually sent.
0829597 HA A-A mode secondary unit traffic log shows gateway as none.
0828919 L2 SSL Forward Proxy bypassed session and log show incorrect port information.
0826635 FortiADC crashed after changing the virtual server type from Layer 4 to Layer 2.
0824287 Enhancement request to add SAN field for manual CSR creation in GUI and CLI.
0821812 Clock synchronization failure with local NTP server when the virtual server uses port 123, causing the NTP bind to fail.
0799996 There is no validation check when the certificate name exceeds the maximum character length.
Common Vulnerabilities and Exposures

For more information, visit https://www.fortiguard.com/psirt.

Bug ID Description
0841023/0819704

FortiADC 7.0.4 is no longer vulnerable to the following CVE-Reference: CWE-78: Improper Neutralization of Special Elements used in an OS Command ("OS Command Injection").
0829266 FortiADC 7.0.4 is no longer vulnerable to the following CVE-Reference: CVE-2022-2097.
Previous
Next

Resolved issues

The following issues have been resolved in FortiADC 7.0.4 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.

Bug ID

Description
0864197 Azure Load Balance backend IP can be duplicated with each other, resulting in the VS IP-port pair to be conflicted due to referencing the same IP-port.
0862865 Layer 7 virtual server frontend SNI incorrectly contains real server local certificate.
0860897 Unable to add RADIUS users as a FortiADC administrator.
0860196 Unable to modify RADIUS server from the GUI when the VDOM is disabled.
0857863/0857019 FortiADC console displays kernel related messages when execute reload command is executed.
0856019 Redirect Service Port is not hidden when the HTTP Redirect to HTTPS is disabled.
0855871 Upgrade failed with down time.
0853597 Servers in server pool showing as unavailable due to LB crash and Netlink issue.
0850564 On the GCP platform, address book conflict warning is falsely triggered due to memory overflow causing an expected error message in the /tmp/address_book_conflicts.log file.
0850561 SLB stops responding to SSL requests.
0849916 SAML inserts a header persistent-id that contains 0x00 making HTTP requests invalid caused by the overflow of characters when the input value exceeds 1023.
0848595 VDOM local admin is unable to create or modify reports.
0847611 High spike in CPU usage and random reboots.
0847369 VDOM traffic-log does not work when VDOM capacity is exceeded. For VMs (16 or 32 CPU) the VDOM capacity should be 15 or 20, however the VDOM traffic-log stops working after 10 VDOMs are added. For hardware platforms, when the number of VDOMs exceed the capacity (32 in some platforms), the traffic-log does not work for the excess VDOM.
0846947 When the vPath contains %f0, it will cause the error_page to not work.
0846804 When configuring SNMP Community for Traps, the GUI does not prevent long strings from being saved. However, these long strings will be truncated when they exceed 64 characters when the SNMP Community is sent.
0846337 When two virtual servers with the same IP address but different ports configured and one is disabled, the BGP stops advertising the IP for both virtual servers.
0846292 WAD failed to monitor files that contain special characters in the name.
0844072 Management IP unavailable after switching AP mode to standalone.
0840608 WAF Source IP exceptions stopped working for URL protection.
0840354 The VM can create up to 15 VDOMs after importing the 16 Cores license, but only 10 corresponding VDOM names are created in /var/log/logrpt/ {VDOM}, where the logging for some of the VDOMs are not working.
0840171 Route Health Injection leaking between VDOMs.
0839662 Ping fails when VLAN is created with special characters.
0839661 Improper grammar in error message.
0839521 In GCP, the licd fails to bind due to an improper bindkey type in the dhcpd that assigns a wrong bindkey to the cmdb.
0838537 Administrator who has read/write permission cannot upload certificate in VDOMs.
0838200 Hyphens in the address object name is not accepted after upgrading to 6.2.x and performing a configuration restore.
0837825 Improper grammar in log messages.
0836867 Unexpected RHI behavior for in A-A-VRRP HA cluster.
0835909 In WAD, cannot delete the files on the server when the file names contain special characters.
0832367 For Automation email actions, the number of times the action is triggered does not match the number of times the email alert is actually sent.
0829597 HA A-A mode secondary unit traffic log shows gateway as none.
0828919 L2 SSL Forward Proxy bypassed session and log show incorrect port information.
0826635 FortiADC crashed after changing the virtual server type from Layer 4 to Layer 2.
0824287 Enhancement request to add SAN field for manual CSR creation in GUI and CLI.
0821812 Clock synchronization failure with local NTP server when the virtual server uses port 123, causing the NTP bind to fail.
0799996 There is no validation check when the certificate name exceeds the maximum character length.
Common Vulnerabilities and Exposures

For more information, visit https://www.fortiguard.com/psirt.

Bug ID Description
0841023/0819704

FortiADC 7.0.4 is no longer vulnerable to the following CVE-Reference: CWE-78: Improper Neutralization of Special Elements used in an OS Command ("OS Command Injection").
0829266 FortiADC 7.0.4 is no longer vulnerable to the following CVE-Reference: CVE-2022-2097.
Previous
Next