Resolved issues
The resolved issues listed below may not list every bug that has been corrected with this release. For inquiries about a particular bug, please contact Technical Support within the FortiCare portal.
Bug ID |
Description |
---|---|
842886 |
Upgrading FortiAuthenticator in HA-LB removes the MAC-address records form the LB node. |
867289 |
FortiAuthenticator drops FSSO events with |
868810 |
Heavy FSSO-linked DNS traffic could result in the loss of HA heartbeats. |
891801 |
FortiAuthenticator only sends accounting responses in random bursts with huge delays. |
909342 |
Import hard token through the serial number file, status |
913981 |
Non-admin SAML FIDO authentication ends with error 500. |
914755 |
FortiAuthenticator is not sending the userip to the Syslog server when using RADIUS authentication |
923385 |
FortiAuthenticator leaves the token in assigned status with no user when syncing a new token assignment from LDAP. |
928803 |
Syslog over TLS enabled offers TLS 1.0 and TLS 1.1 on port 6514. |
929004 |
Unable to add longer mobile phone numbers for certain country codes. |
929090 |
FortiAuthenticator issues with |
929279 |
Self-service portal password change fails for remote LDAP users. |
929943 |
Push authentication does not work on the Windows Agent when using FortiTrust Identity. |
931811 |
The GUI is slow when attempting to access the self-service portal or the legacy portal. |
931960 |
|
934078 |
FortiAuthenticator allows and forwards TS-Agent and DC-Agent login for the same IP address. |
934567 |
Internal Server Error (Disk full) on the users certificate GUI with 50K+ certificates. |
935590 |
REST API does not return company and department fields for local users. |
937201 |
Sync rule with any OTP method including None generates excessive logs. |
938777 |
DC agent debug logging responsible for excessive disk I/O when polling 25 event log sources. |
939073 |
|
942103 |
SMS gateway with |
942902 |
RADIUS crashes when the admin logs in after upgrading to 6.4.1. |
948184 |
Upgrade to 6.5.3 fails and leaves FortiAuthenticator unusable. |
948606 |
LDAP group filter query fails when 3 CN is chosen. |
950252 |
CSV Mac device import fails due to MAC address wildcard formatting. Previously, resolved in 0665381. |
950326 |
FortiAuthenticator keep sending non-stop traffic to |
951966 |
GUI not showing groups when trying to import user by group membership attribute from the OpenLDAP server. |
952537 |
Certificate renewal failure after revocation. |
953106 |
Unable to change Fortinet logo on one of the replacement messages. |
957153 |
Dynamic RADIUS attribute feature should work for an AD user. |
958112 |
Using special character in the Service Provider settings breaks SAML with 403 error. |
958660 |
Windows AD SSO domains randomly disconnected from FortiAuthenticator (when polling dozens). |
960241 |
Unable to redirect to a page after successful kerberos authentication |
962037 |
Issues when moving users from column Available Users to Chosen Users. |
965871 |
SAML stops working with error 500 due to captcha errors. |
966225 |
Unable to create multiple realms with the same remote SAML server. |
974065 |
GUI admin access permissions are ignored for D/E models in v6.5. |
975347 |
Issue running internal PKI for automatic certificate enrollment.. |
978303 |
Disable |
986578 |
Authentication fails when the remote LDAP username attribute is UPN and the user input is set to |
987555 |
6.6.0 |
992118 |
500 Internal server error when trying to download a smart connect profile when using 2FA. |
436033 |
Improve SSO user group membership configuration section. |
917189 |
Add more built-in tiles for SAML IdP-initiated portal. |
919603 |
FortiAuthenticator web server stops accepting requests until reboot /wad restarts - |
933747 |
REST API - |
940209 |
Expired OAuth tokens are never purged. |
944392 |
Post request will cause CSRF validation error if the URL contains port number other than 80 or 443. |
950260 |
Change in FortiToken Cloud 'balance' API broke inventory widget. |
957281 |
|
971069 |
|
973586 |
Fido OAuth authentication flow is broken. |
973754 |
Incorrect password with PCI mode enabled results in 500 error. |
976572 |
SAML captcha fails during upgrade if the template is modified. |
980696 |
New style for the tabs in list pages. |
983145 |
New menu structure for FSSO. |
986589 |
Filter box is hidden behind change list. |
964676 |
It takes around 10 seconds to create or migrate IAM user on any account. |
943410 |
SAML IdP losing |
853068 |
In the session expired token page entering wrong token does not redirect to the Login page. |
903747 |
Instruction link for installing FortiToken Mobile application is blocked on the self-service portal. |
906634 |
We can access SAML IdP initiated URL on a FortiAuthenticator using a server address that is not the FQDN or the IP address. |
924446 |
500 error for a remote user on the SAML portal with both FIDO and FortiToken Mobile/FortiToken Cloud token. |
924867 |
GUI crashes when creating a usage profile. |
931034 |
Coordinated upgrade from build 0073 (6.0.8) GA to 1349 results in errors in the HA cluster mode. |
934535 |
500 error when re-enabling a disabled local user with Account Expiration enabled. |
937917 |
Custom user fields in user portal settings gives 403 error when editing it. |
949269 |
Remote LDAP user should be denied in RADIUS if user has not been imported. |
954681 |
Test token with email/SMS not working due to CSP error. |
957329 |
Rest API patch method for local users fails with |
967020 |
500 Internal server error on SAML when authenticating with SAML with captcha enabled. |
969449 |
Fixed grammatical issue when rebooting the FortiAuthenticator-VM with updated license. |
972791 |
Error dump empty on 500 internal server error. |
975899 |
Unable to trigger FortiToken auto push with IPSec ikev2 using FortiAuthenticator as RADIUS server. |
985039 |
GUI issue in the HA Status page when HA is not configured. |
985831 |
After clicking Save, the message overlaps the title on the Accounting Proxy General page. |
989664 |
Header is missing if accessing a page by URL directly. |
993741 |
OAuth login with two factor authentication fails to login. |
825665 |
Wrong client IPv4 attribute for Fortinet SSO Methods > SSO > RADIUS Accounting Sources. |
924632 |
FortiAuthenticator unable to return more than 100 groups from the Azure AD when using SSOMA. |
928034 |
Issue authenticating IPsecVPN IKEv2 EAP (MSCHAPv2) to FortiAuthenticator + remote RADIUS server. |
934489 |
SmartConnect profile user certificate not containing the correct UPN. |
939829 |
If a user logs in to FortiAuthenticator first, then logs in to the OAuth application, the user will be logged in with the FortiAuthenticator login session. |
941685 |
Create new log events for RADIUS accounting start/stop messages. |
955548 |
Internal error 500 when trying to visualize the remote TACAC+ users. |
956341 |
IdP Initiated dasboard does not display the tile images if FortiAuthenticator is IdP proxy. |
968656 |
Unable to configure the fourth and the last realm in Authentication > SAML IdP > General. |
Common Vulnerabilities and Exposures
Bug ID |
CVE references |
---|---|
985986 |
FortiAuthenticator 6.5.4 is no longer vulnerable to the following CVE-Reference(s):
|