Resolved issues
The following issues have been fixed in FortiManager Cloud version 7.2.10. To inquire about a particular bug, please contact Customer Service & Support.
AP Manager
| Bug ID | Description |
|---|---|
| 1040365 |
FortiManager Cloud is generating false vulnerability reports for certain FortiAPs:
|
| 1076200 |
Policy install fails due to FortiManager Cloud installs unexpected changes related to "<wifi_intf> address". |
Device Manager
| Bug ID | Description |
|---|---|
| 973365 |
FortiManager Cloud does not display the IP addresses of FortiGate interfaces configured with DHCP addressing mode. |
| 1015138 | Unable to edit interface with dhcp reservation. |
| 1030685 | Unable to export metadata variables if the metadata's per-device-mapping value is empty. |
| 1050126 |
Setting up a FortiGate-HA with ZTP fails because the FortiLink is not deleted during the "HA config pushed to FGT" process. |
| 1051889 | When downloading the FortiGate config through Device Manager > Managed Devices > Device Configuration DB, the downloaded file contains line breaks in middle of commands, which prevents it to be installed on FortiGate. |
| 1053194 |
If the " |
| 1063635 |
FortiManager Cloud does not support the "FortiWiFi-80F-2R-3G4G-DSL". |
| 1063835 |
FortiManager Cloud ZTP installation to FortiGate versions 7.2.8 and lower may fail due to
differing default " |
| 1063850 | FortiManager Cloud is attempting to install a "PRIVATE KEY" with every installation, even after retrieving the config. |
| 1067706 |
Metadata variables cannot be used in the firewall address objects. |
| 1070943 |
Unable to upgrade the devices via Device Group Upgrade Firmware feature. |
| 1074717 | An error might be observed when the SD-WAN template health check name contains a space, displaying the following message: "Bad health check name...". |
| 1075052 |
Occasionally, installations may fail on FortiGates in HA mode due to a "Serial number does NOT match" error. This can happen if the HA device's serial number on FortiManager Cloud does not immediately update after a failover. |
FortiSwitch Manager
|
Bug ID |
Description |
|---|---|
| 1061315 | Device DB FortiLink config changes when authorizing or deauthorizing FortiSwitch from either FortiSwitch Manager or local FortiGate. |
Others
|
Bug ID |
Description |
|---|---|
| 998198 |
When upgrading ADOM, the upgrade process fails with the following error: "invalid value - can not find import template 'XYZ' ". |
| 1003711 |
During the FortiGate HA upgrade, both the primary and secondary FortiGates may reboot simultaneously, which can disrupt the network. This issue is more likely to occur in FortiGates that require disk checks, leading to longer boot times. |
| 1020787 | ZTP Enforce firmware Version doesn't upgrade the secondary cluster member. |
| 1058185 | FortiProxy policies not imported if the policies have either internet service or IPv6 used in the source or destination. |
| 1078947 |
Repeatedly testing the URL rating on FortiManager Cloud ( |
|
1081941 |
When UTM-Profile gets added to a FortiProxy policy FortiManager Cloud generates invalid config. |
Policy and Objects
|
Bug ID |
Description |
|---|---|
| 958923 | Installing policy packages that utilize an SSL/SSH Inspection profile may fail with the error message "Server certificate replace mode cannot support category exempt." |
| 978136 |
Occasionally, installation may fail due to an error message, "Waiting for another session", which prevents policies from being installed from FortiManager Cloud. During this issue, the following message may also appear: "Blocked by session id(XYZ) username(n/a)". This issue may be caused by a signal loss between the child and parent security console processes, leading the parent process to continue waiting for a copy result. |
| 983591 | In the Firewall section, when attempting to add a note to the policy, the comment window shifts towards the left corner. |
| 991720 |
FortiManager Cloud still has an option to enable the "match-vip" through the policy package for "allow" policies. However, this is not supported anymore on the FortiGates. |
| 1004929 |
FortiManager Cloud removes the Web Filter Profile from the Profile Group for Policy-Based FortiGates. |
| 1005161 |
The policy package status changes for all devices even when an address object is opened and saved without any modifications. This issue is particularly observed in objects utilizing the per-device mapping feature. |
| 1008413 | FortiManager Cloud fails to load IPS signatures in the profile. This may only occur when the number of signatures listed in the profile is larger than 80. |
|
1014025 1087922 |
While attempting to access the Application Signatures list on FortiManager Cloud, an error message: "a.foreach is not a function" might be displayed. |
| 1029787 | The Firewall Policy pane in the FortiManager Cloud GUI may occasionally display both "Standard Security Profiles" (SSL no-inspection and protocol default profiles) and "Security Profile Groups" simultaneously. |
| 1046002 | Policy Package status does not display "unknown" status immediately following retrieve. |
| 1055795 | During device import via multiple CSV files at same time, some devices were imported successfully, while others encountered errors and had missing metadata variables. Additionally, FortiManager Cloud forced the admin to log out. When attempting to log back in, the following error message appeared: "ADOM not found". |
| 1068736 | Best Quality SDWAN rules installation may fail with the following error message: "Commit failed: Bad health check name". |
| 1069285 | Using TAB button while creating firewall address object creates error Invalid IP address. |
| 1071226 | Policy Lookup is not showing result as highlighted when the sections are not expended. |
| 1076659 |
When policy package configured with policy block, installation to multiple devices may have copy fail errors if combined length of the Policy Block name and Policy name is greater than 35 characters and if the total number of such policies exceeds 1000. |
| 1079037 | The "internet-service-id" attribute is configurable in the FortiManager Cloud,
whereas this attribute cannot be modified on the FortiGate. |
| 1079128 | ZTNA Server Per-Device Mapping may display a copy error failure if a new per-device mapping is created without specifying the object interface. |
| 1082548 | Address type FQDN is missing DNS resolve domain name function feature. |
Script
|
Bug ID |
Description |
|---|---|
| 931088 |
Unable to delete VDOMs using the FortiManager Cloud script. Interfaces remain in the device database, causing the installation to fail. InternalNotes: -------------- - The case apparently has been reproduced by ""Olivier Brunori, 2024-06-27 00:47"". |
|
1085374 |
FortiManager Cloud does not support exporting the TCL scripts via CLI. |
Services
| Bug ID | Description |
|---|---|
| 1034102 |
Unable to upgrade FortiGates from FortiManager Cloud due to a "no valid FMWR license" error, despite the FortiGates being licensed. This issue is reported when the "FMG Authorization table" on the FDS server is empty. |
|
1060509 |
When updating query service packages from the global anycast server (globalupdate.fortinet.net), larger-sized IoTS packages may encounter checksum errors. These errors can prevent the proper updating of SPAM and URL databases, potentially impacting the FortiManager Cloud's FortiGuard Services. |
Common Vulnerabilities and Exposures
Visit https://fortiguard.com/psirt for more information.
| Bug ID | CVE references |
|---|---|
|
1020280 |
FortiManager Cloud 7.2.10 is no longer vulnerable to the following CVE Reference:
|
|
1103779 |
FortiManager Cloud 7.2.10 is no longer vulnerable to the following CVE Reference:
|