Resolved Issues
The following issues have been fixed in FortiAnalyzer version 6.4.0. For inquires about a particular bug, please contact Customer Service & Support.
Device Manager
Bug ID |
Description |
---|---|
296528 | Sorting with Device Manager's Log Status column may not work properly. |
496394 | Users may not be able to delete a VDOM from the GUI or API. |
536856 | Device IP address under Device Manager may get randomly auto-updated. |
545264 |
FortiAnalyzer may not show Device Lists. |
589646 | FortiAnalyzer should be able to add FortiProxy device with firmware version 1.2. |
596832 |
FortiGate Cluster is removed from log forwarding on failover when FortiAnalyzer is managed by a FortiManager. |
Event Management
Build ID |
Description |
---|---|
537678 | FortiAnalyzer should support Event Handler group-by options for non FortiGate device types. |
560818 | Email filter event with group by subject may show unreadable characters due to some non-ASCII strings. |
563514 | Build 1050: Event handler does not work properly for FortiSandbox. |
590383 | Event handler does not accept Email with "+" sign in the address. |
FortiView
Bug ID |
Description |
---|---|
535682 | FortiView Compromised Host Last Detected time is displayed as GMT time instead of local time. |
562834 | On FortiView > Top Sources, FortiAnalyzer displays incorrect data when trying to filter logs with Source and User. |
574836 | FortiAnalyzer may not be able to show the Compromised Hosts. |
577941 | Compromised host should be removed from the list after being acknowledged. |
593374 | Exported PDF should take into consideration on how data is sorted. |
594107 | The time shown in Last Detected is only in 12 hour format and it does not include AM or PM. |
602387 |
FortiAnalyzer may use high CPU resources when viewing logs from FortiGate. |
611019 |
Filter is not working when the user drills down from "Top Threats". |
Log View
Build ID |
Description |
---|---|
542933 |
FortiView does not search logs for the time entered in custom time. |
550523 |
Downloading logs from Log View randomly fails. |
573281 | Unregistered syslog device appears with FortiMail's IP after adding a FortiMail device. |
586929 |
FortiAnalyzer may not insert logs when the IP changes often for endpoints due to DHCP. |
589840 | When source column is not selected, the log view cannot display log details. |
591077 |
FortiAnalyzer may not be able to quickly insert logs when IP changes often for endpoints due to DHCP. |
592340 |
FortiAnalyzer may have performance issue to display system logs in Log View. |
592808 | When FortiAnalyzer tries to display Traffic Log details, the details pane is completely empty. |
596229 | Log Filter should allow the user to choose and filter "DNS" log type when Log Forwarding is enabled. |
597192 | Downloading logs may take longer than log search. |
608652 |
Event alert logs cannot be inserted into database successfully on HA master unit. |
Others
Build |
Description |
---|---|
508597 | FortiAnalyzer with no devices may occupy high CPU resources by sqllogd. |
529711 | FortiAnalyzer may connect to map server and GeoIP server directly even when web-proxy is enabled. |
544516 | FortiAnalyzer with Hyper-V live migration does not display the GUI. |
551198 |
The command, |
560746 | The default value for "hcache-max-fv-row" should be set based on available memory. |
562540 | FortiAnalyzer's diagnostic report should also include IO statistics. |
569707 |
Device may hang and lost of accessibility including console. |
578038 | After upgrade, FortiAnalyzer is slow when searching for information. |
588074 | FortiAnalyzer may stop receiving logs and event logs, and continuously display oftpd re-initialization. |
590368 | FortiAnalyzer may stop receiving logs after oftpd crashed. |
590503 | The new CLI process may crash due to commands "execute tac report" and "diagnose dvm check-integrity". |
590630 |
Backing up all ADOM logs via FTP may stop with no error printed. |
591594 |
snmpd may frequently crash. |
592593 | FortiAnalyzer may update ADOM disk allocation or create ADOM without any checks when request is made via JSON API. |
596192 | FortiAnalyzer may return incorrect value for SNMP MIB sysObjectID. |
596252 | The clustered daemon may consume high CPU resources. |
597093 | Mib file for FortiAnalyzer should not contain duplicated object ID. |
601093 | After upgrade, FortiManager may not receive logs from one FortiGate cluster that is running FortiOS 6.0. |
Reports
Build ID |
Description |
---|---|
380371 | FortiAnalyzer improved report accuracy on high end models. |
552414 | Read-write permissions are required to view and download reports through API calls. |
557388 | There are discrepancies in Bandwidth and Applications Report for predefined datasets with the same report time period. |
581769 | After rebuilding the SQL database, users may now be able to run reports with all available data. |
588590 |
FortiAnalyzer should print a detailed message when importing report fails. |
589496 | FortiAnalyzer may generate different results when running a report with the same time period, either with a custom time-period or selecting a specific time period from the dropdown list. |
608819 |
A report cache cannot be used on scheduled report when running on specific device. |
System Settings
Build ID |
Description |
---|---|
516044 | FortiAnalyzer GUI should keep the same behavior as CLI when the user disables the log forwarding setting. |
559592 |
Rebuilding SQL takes a very long time after adding a second slave to a cluster. |
571412 | Logging topology is misleading when collector mode FortiAnalyzer is deployed. |
574987 | ADOM quota retention removes more log data than the applied retention policy. |
577814 | FortiAnalyzer does not generate accurate local event logs when the ADOM retention policy is enforced. |
587702 | Restricted user with Specify ADOM permission cannot access Device Manager. |
590109 | Some time zones are formatted incorrectly when forwarding as syslog. |
593588 | GUI should not allow creating a Local Certificate with Certificate Name containing more than 35 characters. |
594693 | FortiAnalyzer may show many messages on Alert Console: "re-obtained table size for FGTADOM1391-Elog-1553532000 size=8192". |
600639 | FortiAnalyzer may not be able to move a VDOM with long name from the Root ADOM to another ADOM. |
603346 | FortiAnalyzer should not allow user to set to 0 day for data retention policy. |
612328 |
When there are overlapping trust hosts, the incorrect IP and subnet might be used in the IP table. |
Common Vulnerabilities and Exposures
Visit https://fortiguard.com/psirt for more information.
Bug ID | CVE references |
---|---|
511903 |
FortiAnalyzer 6.4.0 is no longer vulnerable to the following CVE-Reference:
|
597311 |
FortiAnalyzer 6.4.0 is no longer vulnerable to the following CVE-Reference:
|
606144 |
FortiAnalyzer 6.4.0 is no longer vulnerable to the following CVE-Reference:
|
603255 |
FortiAnalyzer6.4.0 is no longer vulnerable to the following CVE-Reference:
|