Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Resolved Issues

The following issues have been fixed in FortiAnalyzer version 7.0.1. For inquires about a particular bug, please contact Customer Service & Support.

Device Manager

Bug ID Description
676662 Collector may not be showing the same FortiGate device version as analyzer.
716486 FortiAnalyzer still populating unauthorized device list even after detect-unregistered-log-device is set to disable.
722235 FortiWeb ADOM may not able to auto-detect correct platform model with SN.

FortiView

Bug ID Description
708006 Monitors Endpoints does not show all FortiClient endpoints as in logs.
711810 SSL Dialup IPSec connection count may not match with connection list.
713083 FortiAnalyzer may show a No Data message for the Worldwide Threat Prevalence chart.
721008 Threats > Compromised Hosts may not be able to acknowledge compromised hosts when the end user is not a known IP.

Log View

Bug ID Description
662830 FortiAnalyzer daylight adjustments are not applied to real-time logging until rebooting the system.
694307 With increasing memory usage, FortiAnalyzer may stop receiving logs via OFTP from FortiGate devices.
704410 FortiAnalyzer may stop handling logs and the oftpd process is in a non-responsive state.
711711 Log filter may show unfiltered values.
715960 FortiClient Device ID takes FortiClient EMS SN value when displaying the log information from the historical view.
721806 LDAP User may not be able to delete Custom Views.
724223 Device list in Log View does not show correct devices after switching ADOMs.

Others

Bug ID Description
625343 FortiAnalyzer may consume high on I/O resources every hour by fazwatch.
686491 Postgres may keep causing OoM with segmentation faults on multiple processes.

690271

The sqllogd daemon may crash.

698780 FortiAnalyzer may intermittently provide empty response to FortiView JSON requests.
700562 When creating a system admin user using JSON API, FortiAnalyzer may return an error: The data is invalid for selected url.
709699 FortiAnalyzer may contain a few siemdb crashes.
710178 FortiAnalyzer is listening on TCP/3000 even though accept-aggregation is disabled.
710322 An oftpd may have high memory usage triggering multiple crashes.
713344 After upgrade, FortiAnalyzer may show Invalid BIOS errors.
713701 FortiAnalyzer should provide more than 500 lines of logs via API.
713826 The diagnose test application siemdbd 6 command may show the wrong information after removing the last ADOM with "diagnose siem remove database.
722521 Upgrading of FortiAnalyzer-200F may not be possible due to hardware limitations.
723638 The dvmcmd process may crash when running TAC report.

Reports

Bug ID Description
692097 A report's sub-charts may not work after upgrade.
713189 Dataset and Intrusions-Timeline-By-Severity, may not list low severity intrusions.
716505 Text color for date on the cover page may not be correct.
717557 FortiAnalyzer reports may be empty when enabling LDAP Query.
718172 Report may be showing user or source as malicious code.
718579 While creating new or editing an Output Profile, the body section does not take any input.
718849 Reports and Output Profiles may disappear after upgrade.
720897 Scheduled Report may not run when the /amp folder is full.

System Settings

Bug ID Description
634253 ADOMs may disappear randomly from ADOM configuration while editing it.

667488

Read-only users should not be able to change RAID level with the GUI.

696041 FortiAnalyzer SSO should support URI format in entity ID.

712043

HA cluster failover may not work with the secondary unit stuck in the init-syncing state.

717524 Users may not be able to add a username which contains a Slash (/) inside Device Log Setting.

 

Common Vulnerabilities and Exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID CVE references

716350

FortiAnalyzer 7.0.1 is no longer vulnerable to the following CVE-Reference:

  • CVE-2021-32589

Resolved Issues

The following issues have been fixed in FortiAnalyzer version 7.0.1. For inquires about a particular bug, please contact Customer Service & Support.

Device Manager

Bug ID Description
676662 Collector may not be showing the same FortiGate device version as analyzer.
716486 FortiAnalyzer still populating unauthorized device list even after detect-unregistered-log-device is set to disable.
722235 FortiWeb ADOM may not able to auto-detect correct platform model with SN.

FortiView

Bug ID Description
708006 Monitors Endpoints does not show all FortiClient endpoints as in logs.
711810 SSL Dialup IPSec connection count may not match with connection list.
713083 FortiAnalyzer may show a No Data message for the Worldwide Threat Prevalence chart.
721008 Threats > Compromised Hosts may not be able to acknowledge compromised hosts when the end user is not a known IP.

Log View

Bug ID Description
662830 FortiAnalyzer daylight adjustments are not applied to real-time logging until rebooting the system.
694307 With increasing memory usage, FortiAnalyzer may stop receiving logs via OFTP from FortiGate devices.
704410 FortiAnalyzer may stop handling logs and the oftpd process is in a non-responsive state.
711711 Log filter may show unfiltered values.
715960 FortiClient Device ID takes FortiClient EMS SN value when displaying the log information from the historical view.
721806 LDAP User may not be able to delete Custom Views.
724223 Device list in Log View does not show correct devices after switching ADOMs.

Others

Bug ID Description
625343 FortiAnalyzer may consume high on I/O resources every hour by fazwatch.
686491 Postgres may keep causing OoM with segmentation faults on multiple processes.

690271

The sqllogd daemon may crash.

698780 FortiAnalyzer may intermittently provide empty response to FortiView JSON requests.
700562 When creating a system admin user using JSON API, FortiAnalyzer may return an error: The data is invalid for selected url.
709699 FortiAnalyzer may contain a few siemdb crashes.
710178 FortiAnalyzer is listening on TCP/3000 even though accept-aggregation is disabled.
710322 An oftpd may have high memory usage triggering multiple crashes.
713344 After upgrade, FortiAnalyzer may show Invalid BIOS errors.
713701 FortiAnalyzer should provide more than 500 lines of logs via API.
713826 The diagnose test application siemdbd 6 command may show the wrong information after removing the last ADOM with "diagnose siem remove database.
722521 Upgrading of FortiAnalyzer-200F may not be possible due to hardware limitations.
723638 The dvmcmd process may crash when running TAC report.

Reports

Bug ID Description
692097 A report's sub-charts may not work after upgrade.
713189 Dataset and Intrusions-Timeline-By-Severity, may not list low severity intrusions.
716505 Text color for date on the cover page may not be correct.
717557 FortiAnalyzer reports may be empty when enabling LDAP Query.
718172 Report may be showing user or source as malicious code.
718579 While creating new or editing an Output Profile, the body section does not take any input.
718849 Reports and Output Profiles may disappear after upgrade.
720897 Scheduled Report may not run when the /amp folder is full.

System Settings

Bug ID Description
634253 ADOMs may disappear randomly from ADOM configuration while editing it.

667488

Read-only users should not be able to change RAID level with the GUI.

696041 FortiAnalyzer SSO should support URI format in entity ID.

712043

HA cluster failover may not work with the secondary unit stuck in the init-syncing state.

717524 Users may not be able to add a username which contains a Slash (/) inside Device Log Setting.

 

Common Vulnerabilities and Exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID CVE references

716350

FortiAnalyzer 7.0.1 is no longer vulnerable to the following CVE-Reference:

  • CVE-2021-32589