Fortinet black logo

Release Notes

Home FortiManager 6.0.1 Release Notes
6.0.1
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.6.0
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.10
5.2.9
5.2.7
5.2.6
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3

Resolved Issues

Resolved Issues

The following issues have been fixed in 6.0.1. For inquires about a particular bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description

399726

Users may not be able to delete the last AP.

450434

FortiManager may unset wtp-mode after users change AP config from AP Manager.

455177

Advanced Options may not be available in the central FortiAP config page.

462857

Following changes in an AP profile, FortiManager may install unrelated local user group and radius server to VDOM root.

464811

Updated AP name may get reverted back to its default name if users do not install the change for a period of time.

481651

fapc-compatibility may be unset.

Device Manager

Bug ID

Description

408280

FortiManager may show FortiGate mobile token status as Unknown while it is Pending.

434101

FortiManager is missing Endpoint Control replacement message in device configuration and system template.

448102

There may be an error displayed when users try to modify CLI-Only objects under System > HA.

460403

FortiManager may not be able to automatically generate an interface of type vxlan.

463169

set apn is not available in device db under system lte-modem for FortiWiFi-30E-3G4G-INTL.

467773

All zones are displayed in every FortiGate.

474245

Policy Install fails due to set disk-usage log command inconsistency.

477009

VM Meter may not show both Master and Slave licensing information in the GUI.

479258

After adding and importing a new device, other devices may have Modified policy package status.

480290

Users may be able to change VDOM of aggregated/redundant interfaces.

480541

When long-vdom-name is not enabled, the GUI error pop up message may be empty when users create a VDOM with name longer than 11 characters.

482018

Others interfaces may not show up after collapsing.

482033

FortiManager should use the same GUI style for the Column Name as Source' & 'Destination under Policy route.

484600

FortiManager may not support enable/disable routes in Device Manager.

485722

Diffie-Hellman Groups 30, 29, 28, 27 and GCM encryption algorithms may be missing in IPsec Phase 2.

486042

FortiManager GUI may allow assigning zone bundled interfaces as SD-WAN link members.

486515

Users may be unable to change upload-option for fortianalyzer2.

491102

Password expiration date is set for new administrators even though the feature is disabled.

FortiClient Manager

Bug ID

Description

366095

Users may be unable to move a FortiClient profile from the GUI.

Global ADOM

Bug ID

Description

460461

The IPS package database version on Global ADOM may not be displayed in command diagnose dvm adom list.

470486

Automatic-Install may fail to detect changes to push to ADOMs.

482925

Internet Service destination is not displayed in IPv4 Header/Footer Policy in Global ADOM.

HA

Bug ID

Description

414616

Hostname may not be updated when users promote Slave device to be Master in FortiGate cluster.

465503

Installation to a FortiGate HA may fail after an HA failover.

480462

FortiManager Slave may fail to sync when users add a bunch of admin users on the Master.

Policy and Objects

Bug ID

Description

290293

Zone default mapping may be missing Block intra-zone traffic option.

442307

When users try to search for an address object, the address group that includes the address may not show up in the search result.

444671

GUI may not display logtraffic-start policy settings.

450922

IPS sensor with more than 8192 signature entries may be created.

459314

Users can delete used objects without options to disable it.

459655

Per-device mapping firewall address value changes may not change policy package status to Modified.

463920

Address groups should highlight the addresses searched.

471030

FortiManager allows users to use Wildcard entries under Web Rating Overrides.

472825

Web Filter profile may not be changed in Explicit Proxy Policy when profile name contains +.

475241

Users may be unable to clone global assigned FSSO objects in local ADOMs.

475496

Source, destination and services may not be ordered alphabetically in policy package.

475594

Users may be not able to create new firewall service custom objects due to the tablesize limit.

478915

Objects panel cannot be completely minimized.

481560

There is no validation check for FQDN addresses.

482361

After users rename a section, there may be one policy left under the old section name.

484261

Users may be unable to remove FSSO server2/3/4/5 with per-device mappings.

485687

Central NAT policy package installation may not follow the same logic that used in regular policy packages.

487123

Users may fail to add multiple Health Check in a Per-Device Mapping Virtual Server object.

Revision History

Bug ID

Description

478606

The preview of a VDOM may show commands from other VDOMs.

480723

Copying may not work when a webfilter and an URL filter share the same name.

481383

FortiManager tries to set max-miss-heartbeats for FortiSwitch ports.

486536

Installation may fail due to vip overlap error with FQDN VIP.

487117

FortiManager may try to install ssl-hpkp-age and ssl-hsts-age despite it being disabled.

487833

Installation may fail for VIP policies with a zone as a source interface.

Script

Bug ID

Description

471661

Advanced Device Filters may be displayed when users are editing CLI script.

480982

Progress bar for installing script may not work if the admin user has None access to import-policy-packages.

Services

Bug ID

Description

452732

Changing FDS/FGD schedule update and polling frequency may not work.

483670

FortiManager may not download image from FortiGuard to upgrade the FortiGate’s firmware.

485720

FOSVM licenses may be updated when FortiManager's FortiMeter license changes.

System Settings

Bug ID

Description

354283

The error message may be unclear when users try to delete a login admin session.

481018

DST change may be incorrect for Israel.

485392

Unclear error messages may be displayed after adding a FortiAnalyzer into Device Manager.

VPN Manager

Bug ID

Description

484608

Dialup VPN configuration may fail when peer type is set to dialup group.

487098

Random auto-generated PSK may be identical in two separate VPN Manager topologies.

Workplace and Workflow

Bug ID

Description

478444

Policy package status may not change to Modified in workflow mode.

Others

Bug ID

Description

471095

ADOM upgrade may fail because of webfilter URLfilter.

476643

Signature list may not be listed in extended database mode.

480551

SNMPwalk may fail with Error: OID not increasing: IP-MIB::ipAdEntAddr.

480577

GUI may get stuck at Temporarily Unavailable upon upgrading.

481763

diagnose cdb upgrade check may not fix all errors for objcfg-intergrity.

481901

There is no way for users to reset the hit count for all ADOMs and dbcache.

485906

The admin_server_cert may not work in FIPS mode.

Common Vulnerabilities and Exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID

Description

464795

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2017-17541

468740

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2018-1351

473644

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2018-1354

474994

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2018-1355

479513

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2018-1065

480025

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2018-7492

482793

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2018-0739
Previous
Next

Resolved Issues

The following issues have been fixed in 6.0.1. For inquires about a particular bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description

399726

Users may not be able to delete the last AP.

450434

FortiManager may unset wtp-mode after users change AP config from AP Manager.

455177

Advanced Options may not be available in the central FortiAP config page.

462857

Following changes in an AP profile, FortiManager may install unrelated local user group and radius server to VDOM root.

464811

Updated AP name may get reverted back to its default name if users do not install the change for a period of time.

481651

fapc-compatibility may be unset.

Device Manager

Bug ID

Description

408280

FortiManager may show FortiGate mobile token status as Unknown while it is Pending.

434101

FortiManager is missing Endpoint Control replacement message in device configuration and system template.

448102

There may be an error displayed when users try to modify CLI-Only objects under System > HA.

460403

FortiManager may not be able to automatically generate an interface of type vxlan.

463169

set apn is not available in device db under system lte-modem for FortiWiFi-30E-3G4G-INTL.

467773

All zones are displayed in every FortiGate.

474245

Policy Install fails due to set disk-usage log command inconsistency.

477009

VM Meter may not show both Master and Slave licensing information in the GUI.

479258

After adding and importing a new device, other devices may have Modified policy package status.

480290

Users may be able to change VDOM of aggregated/redundant interfaces.

480541

When long-vdom-name is not enabled, the GUI error pop up message may be empty when users create a VDOM with name longer than 11 characters.

482018

Others interfaces may not show up after collapsing.

482033

FortiManager should use the same GUI style for the Column Name as Source' & 'Destination under Policy route.

484600

FortiManager may not support enable/disable routes in Device Manager.

485722

Diffie-Hellman Groups 30, 29, 28, 27 and GCM encryption algorithms may be missing in IPsec Phase 2.

486042

FortiManager GUI may allow assigning zone bundled interfaces as SD-WAN link members.

486515

Users may be unable to change upload-option for fortianalyzer2.

491102

Password expiration date is set for new administrators even though the feature is disabled.

FortiClient Manager

Bug ID

Description

366095

Users may be unable to move a FortiClient profile from the GUI.

Global ADOM

Bug ID

Description

460461

The IPS package database version on Global ADOM may not be displayed in command diagnose dvm adom list.

470486

Automatic-Install may fail to detect changes to push to ADOMs.

482925

Internet Service destination is not displayed in IPv4 Header/Footer Policy in Global ADOM.

HA

Bug ID

Description

414616

Hostname may not be updated when users promote Slave device to be Master in FortiGate cluster.

465503

Installation to a FortiGate HA may fail after an HA failover.

480462

FortiManager Slave may fail to sync when users add a bunch of admin users on the Master.

Policy and Objects

Bug ID

Description

290293

Zone default mapping may be missing Block intra-zone traffic option.

442307

When users try to search for an address object, the address group that includes the address may not show up in the search result.

444671

GUI may not display logtraffic-start policy settings.

450922

IPS sensor with more than 8192 signature entries may be created.

459314

Users can delete used objects without options to disable it.

459655

Per-device mapping firewall address value changes may not change policy package status to Modified.

463920

Address groups should highlight the addresses searched.

471030

FortiManager allows users to use Wildcard entries under Web Rating Overrides.

472825

Web Filter profile may not be changed in Explicit Proxy Policy when profile name contains +.

475241

Users may be unable to clone global assigned FSSO objects in local ADOMs.

475496

Source, destination and services may not be ordered alphabetically in policy package.

475594

Users may be not able to create new firewall service custom objects due to the tablesize limit.

478915

Objects panel cannot be completely minimized.

481560

There is no validation check for FQDN addresses.

482361

After users rename a section, there may be one policy left under the old section name.

484261

Users may be unable to remove FSSO server2/3/4/5 with per-device mappings.

485687

Central NAT policy package installation may not follow the same logic that used in regular policy packages.

487123

Users may fail to add multiple Health Check in a Per-Device Mapping Virtual Server object.

Revision History

Bug ID

Description

478606

The preview of a VDOM may show commands from other VDOMs.

480723

Copying may not work when a webfilter and an URL filter share the same name.

481383

FortiManager tries to set max-miss-heartbeats for FortiSwitch ports.

486536

Installation may fail due to vip overlap error with FQDN VIP.

487117

FortiManager may try to install ssl-hpkp-age and ssl-hsts-age despite it being disabled.

487833

Installation may fail for VIP policies with a zone as a source interface.

Script

Bug ID

Description

471661

Advanced Device Filters may be displayed when users are editing CLI script.

480982

Progress bar for installing script may not work if the admin user has None access to import-policy-packages.

Services

Bug ID

Description

452732

Changing FDS/FGD schedule update and polling frequency may not work.

483670

FortiManager may not download image from FortiGuard to upgrade the FortiGate’s firmware.

485720

FOSVM licenses may be updated when FortiManager's FortiMeter license changes.

System Settings

Bug ID

Description

354283

The error message may be unclear when users try to delete a login admin session.

481018

DST change may be incorrect for Israel.

485392

Unclear error messages may be displayed after adding a FortiAnalyzer into Device Manager.

VPN Manager

Bug ID

Description

484608

Dialup VPN configuration may fail when peer type is set to dialup group.

487098

Random auto-generated PSK may be identical in two separate VPN Manager topologies.

Workplace and Workflow

Bug ID

Description

478444

Policy package status may not change to Modified in workflow mode.

Others

Bug ID

Description

471095

ADOM upgrade may fail because of webfilter URLfilter.

476643

Signature list may not be listed in extended database mode.

480551

SNMPwalk may fail with Error: OID not increasing: IP-MIB::ipAdEntAddr.

480577

GUI may get stuck at Temporarily Unavailable upon upgrading.

481763

diagnose cdb upgrade check may not fix all errors for objcfg-intergrity.

481901

There is no way for users to reset the hit count for all ADOMs and dbcache.

485906

The admin_server_cert may not work in FIPS mode.

Common Vulnerabilities and Exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID

Description

464795

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2017-17541

468740

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2018-1351

473644

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2018-1354

474994

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2018-1355

479513

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2018-1065

480025

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2018-7492

482793

FortiManager6.0.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2018-0739
Previous
Next