The following issues have been resolved in FortiADC 7.1.2 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.
|0891664||The customized form base authentication page cannot support domain names longer than 32 bytes, which results in redirection to an incomplete domain name.|
|0885150||Shared memory related crash caused by conflict between httproxy and cmdb when cmdb reinits shared memory.|
|0884045||Firewall Policy deny logs are not generated when the packet is for Layer 4 virtual servers.|
|0883985||FortiADC Layer 2 forward proxy in transparent mode does not work well.|
|0883108||Secondary HA unit reload loop caused by the comment field of the alert policy becoming mismatched between the secondary and primary units when the comment defaults to
|0882565||Typos in the upgrade completion message for the statistics database.|
|0881798||FQDN issue caused by longer self-generated keys. Require support for 2048 bits key size for both KSK and ZSK with the RSASHA256 algorithm.|
|0881065||Request to increase the Maximum Packet Count in Packet Capture from the current 10,000 to 100,000.|
|0874118||Automation alert email subjects default to "FADC_Alert" instead of user-defined subject.|
|0873773||Out of memory issue caused by configuration synchronization.|
|0871641||Loss of connectivity between FortiADC and FortiAnalyzer due to hardware platforms attempting to use a certificate that is not available to them.|
|0870372||FortiADC crashes and HA-failover was not triggered.|
|0868982||WCCP did not work with VDOM.|
|0867226||The Cookie Security policy Max Age unit is based in minutes in the GUI, but the value that is inserted to the cookie is based on seconds, which means the given range would be incorrect.|
|0865442||DNS SLB does not forward server response when RS returns failures.|
|0865060||SNMP does not respond for power supply trap.|
|0864953||FortiADC-VM shuts itself down due to timing issues related to SAML function.|
|0862865||Layer 7 virtual server frontend SNI incorrectly contains real server local certificate.|
|0862575||File upload fails with AV engine error.|
|0858336||CORS Protection deny access even for legitimate traffic specified in Allowed Origin.|
|0858214||GUI bug preventing Client SSL profile creation.|
|0855871||Upgrade failed due to unsupported "firewall nat-snat" IPv6 configuration.|
|0853597||Servers in server pool showing as unavailable due to LB crash and Netlink issue.|
|0853552||OCI performance issues resolved by adding irqbalance for virtIO in OCI.|
|0851364||VM returns 20 instead of 10 for SNMP fadcVdMaxVdoms.|
|0850561||SLB stops responding to SSL requests resulting in httproxy crash.|
|0848745||Health check does not fail even when the real server is not configured with the services due to some daemon being unable to register the cmdb event.|
|0847993||The DNS related items are not hidden in report settings in non-root ADOM mode.|
|0847611||High spike in CPU usage and random reboots caused by IRQ handling.|
|0845338||FortiADC reporting wrong interface speed with SNMP.|
|0836337||Virtual servers in non-root will not be synchronized to GLB if ADOM mode is enabled.|
In an HA environment, if you are using a predefined automation configuration, resetting the configuration through the GUI (using the reset button) or unsetting comments through CLI will cause the HA synchronization to fail whenever a device reboots and rejoins the cluster.
Using the GUI reset button resets the predefined configuration values to the predefined default values, all except the comments value which is set to the default value on the backend. For example, if using the HA predefined configuration, the reset will result in
In the CLI, if
For more information, visit https://www.fortiguard.com/psirt.
|0891336||FortiADC7.1.2 is no longer vulnerable to the following CVE-Reference: CWE-23: Relative Path Traversal.|
|0891282/ 0891280/ 0887733/ 0852344/ 0838131/ 0819704 /0892671||
FortiADC7.1.2 is no longer vulnerable to the following CVE-Reference: CWE-78: Improper Neutralization of Special Elements used in an OS Command ("OS Command Injection").
FortiADC7.1.2 is no longer vulnerable to the following CVE-Reference: CVE-2023-0286, CVE-2022-4304, CVE-2022-4203, CVE-2023-0215, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217, CVE-2023-0401.
FortiADC7.1.2 is no longer vulnerable to the following CVE-Reference: CWE-942: Permissive Cross-domain Policy with Untrusted Domains.