Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.2.11
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiManager 7.2.11 Release Notes
    7.2.11
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.9
    5.2.7
    5.2.6
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3

    Resolved Issues

    Resolved Issues

    The following issues have been fixed in FortiManager version 7.2.11. To inquire about a particular bug, please contact Customer Service & Support.

    Device Manager

    Bug ID

    Description
    1000101 FortiManager fails to retrieve certificates that were directly imported into the FortiGate. As a result, FortiManager repeatedly attempts to push a CSR, leading to installation status conflicts.
    1119280 Firmware Template assignment does not work properly.

    1122481

    When a FortiGate HA failover occurs, making any configuration changes on the FortiGate HA may cause FortiManager to attempt to purge the firewall policies on the device during the installation (Install Device Settings (only)).
    1124171

    FortiManager retrieves the device configuration from the ZTP FortiGate after the image upgrade is performed, due to the 'Enforce Firmware' feature. This action erases all settings in the device database on the FortiManager side, and as a result, AutoLink installation will not be completed successfully.

    1124431 Installation failure due to 'sslvpn os check' syntax error.
    1126321 When creating a VLAN with "LAN" Role, an object is created even if "Create Address Object Matching Subnet" is disabled.
    1128094 After upgrading to v7.2.10, the entries under Network Monitor > Routing (Static & Dynamic) no longer appear.

    Others

    Bug ID

    Description
    1114809

    After upgrading the FMG using the "Upgrade Image via FortiGuard" feature, the FortiManager JSON API login may fail, leading to service disruptions. This issue is important for FortiPortal and other FortiManager API clients.

    Policy and Objects

    Bug ID

    Description
    1073463 Installation is failed with error, "VIP entry cannot be moved when central-nat is disabled."
    1101436 The "sni-server-cert-check" cannot be disabled on SSL-SSH inspection profile for "ftps" "pop3s" and "smtps".
    1113129 FortiManager is treating implicit-deny local-in policy incorrectly, denying any traffic.

    Services

    Bug ID

    Description
    1104925

    FortiManager in Cascade mode may fail to display accurate license information/contracts for FortiGate retrieved from the FDS server, as it is not listed in the FortiGate authlist.

    VPN Manager

    Bug ID

    Description
    1084696

    If users reopen the IPsec Tunnel template and close it without making any changes, FortiManagermight still display the following error message in the install log: "Error: VPN IPsec phase1-interface psksecret...Minimum psksecret length is 6..."

    Common Vulnerabilities and Exposures

    Visit https://fortiguard.com/psirt for more information.

    Bug ID CVE references

    1129438

    FortiManager 7.2.11 is no longer vulnerable to the following CVE Reference:

    • CVE-2025-26466

    1172235

    FortiManager 7.2.11 is no longer vulnerable to the following CVE Reference:

    • CVE-2025-48418

    1180568

    FortiManager 7.2.11 is no longer vulnerable to the following CVE Reference:

    • CVE-2025-54820
    Previous
    Next

    Resolved Issues

    Resolved Issues

    The following issues have been fixed in FortiManager version 7.2.11. To inquire about a particular bug, please contact Customer Service & Support.

    Device Manager

    Bug ID

    Description
    1000101 FortiManager fails to retrieve certificates that were directly imported into the FortiGate. As a result, FortiManager repeatedly attempts to push a CSR, leading to installation status conflicts.
    1119280 Firmware Template assignment does not work properly.

    1122481

    When a FortiGate HA failover occurs, making any configuration changes on the FortiGate HA may cause FortiManager to attempt to purge the firewall policies on the device during the installation (Install Device Settings (only)).
    1124171

    FortiManager retrieves the device configuration from the ZTP FortiGate after the image upgrade is performed, due to the 'Enforce Firmware' feature. This action erases all settings in the device database on the FortiManager side, and as a result, AutoLink installation will not be completed successfully.

    1124431 Installation failure due to 'sslvpn os check' syntax error.
    1126321 When creating a VLAN with "LAN" Role, an object is created even if "Create Address Object Matching Subnet" is disabled.
    1128094 After upgrading to v7.2.10, the entries under Network Monitor > Routing (Static & Dynamic) no longer appear.

    Others

    Bug ID

    Description
    1114809

    After upgrading the FMG using the "Upgrade Image via FortiGuard" feature, the FortiManager JSON API login may fail, leading to service disruptions. This issue is important for FortiPortal and other FortiManager API clients.

    Policy and Objects

    Bug ID

    Description
    1073463 Installation is failed with error, "VIP entry cannot be moved when central-nat is disabled."
    1101436 The "sni-server-cert-check" cannot be disabled on SSL-SSH inspection profile for "ftps" "pop3s" and "smtps".
    1113129 FortiManager is treating implicit-deny local-in policy incorrectly, denying any traffic.

    Services

    Bug ID

    Description
    1104925

    FortiManager in Cascade mode may fail to display accurate license information/contracts for FortiGate retrieved from the FDS server, as it is not listed in the FortiGate authlist.

    VPN Manager

    Bug ID

    Description
    1084696

    If users reopen the IPsec Tunnel template and close it without making any changes, FortiManagermight still display the following error message in the install log: "Error: VPN IPsec phase1-interface psksecret...Minimum psksecret length is 6..."

    Common Vulnerabilities and Exposures

    Visit https://fortiguard.com/psirt for more information.

    Bug ID CVE references

    1129438

    FortiManager 7.2.11 is no longer vulnerable to the following CVE Reference:

    • CVE-2025-26466

    1172235

    FortiManager 7.2.11 is no longer vulnerable to the following CVE Reference:

    • CVE-2025-48418

    1180568

    FortiManager 7.2.11 is no longer vulnerable to the following CVE Reference:

    • CVE-2025-54820
    Previous
    Next