Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiPAM 1.6.0 Release Notes
    1.6.0
    1.8.2
    1.8.1
    1.8.0
    1.7.2
    1.7.1
    1.7.0
    1.6.2
    1.6.1
    1.6.0
    1.5.1
    1.5.0
    1.4.3
    1.4.2
    1.4.1
    1.4.0
    1.3.1
    1.3.0
    1.2.0
    1.1.2
    1.1.1
    1.1.0
    1.0.3
    1.0.2
    1.0.1
    1.0.0

    Resolved issues

    Resolved issues

    The resolved issues listed below may not list every bug that has been corrected with this release. For inquiries about a particular bug, please contact Technical Support within the FortiCare portal.

    Secret/Launch

    Bug ID

    Description

    1104861

    Associated Secret does not work with Web-Proxy credentials replacement.

    1111984

    Occasionally, slow to launch web_account with web_proxy enable.

    1123442, 1123005

    Approval email does not have port in FQDN.

    1121582

    Automatic Password Change fails with FortiGate.

    1128256

    Fix approval Email with invalid token.

    1130735

    Logic of folder permission changed impacting secret permissions.

    1110101

    Loosen target domain restriction changes.

    1125761

    Using space in the application filter path breaks the path.

    943426

    Secret can not be deleted when there are requests referencing it.

    1111605

    SSMS fails to connect to SQLServer Express edition.

    1120249

    Unable to access secret using web launch and enabling SSO.

    1099202

    Target Only template results in credential filler appearing in unrelated fields.

    User/Group

    Bug ID

    Description

    1124133

    Remove 2FA status check assert which causes wad crash.

    942445

    Add remote cert import feature in the GUI SAML configuration.

    1146150

    Resending the activation email for the 3rd party authenticator (all users getting QR code).

    1140780

    MFA bypass bug.

    1143321

    Dashboard displayed at the start page when Custom-Role is in use.

    1141333

    When deleting entry from the Restricted List, always deleted primary one.

    1130835

    Email approval not working.

    1067329

    When Replace Web Credential is enabled FortiPAM will randomly fail to proxy.

    System/Log

    Bug ID

    Description

    1118634

    KVM video disk unavailable in rare case

    1090570, 1117042

    Redundant logs for web browsing with web-proxy enabled

    1117515

    ZTNA HTTPS deployment could not work with FOS 7.4 and higher version.

    1113653

    Enabling private data encryption breaks secret passwords.

    1134290

    Unable to view credentials in Glass Breaking mode.

    1145017

    Automation Stitch trigger with wrong condition on GUI.

    1138555

    SAML admin login failing when using group matching.

    Others

    Bug ID

    Description

    1116828

    After enabling "GUI Portal" on port2, it failed to log in to FortiPAM due to incorrect firewall policy.

    1007307

    Issues with FortiVoice.

    1134119

    If FortiClient is installed on MacOS, upgrade your FortiPAM 1.6.0.

    See Special notices.

    1121038

    Weak authentication in wad/GUI.

    1120661

    Integer Overflow on SSL-VPN VNC bookmark.

    1137498, 1138620

    Add Ctrl/Shift+Insert and Ctrl+Shift+C/V support.

    1127496

    Replace Blacklist/Whilstlist terms.

    1144380

    Application Wad Signal 11.

    1112308, 1117737

    Heap buffer overflow in websocket.

    1108888

    Privilege escalation in Node.js websocket module.

    Common Vulnerabilities and Exposures

    Bug ID

    CVE references

    1130288

    FortiPAM is no longer vulnerable to the following CVE-Reference(s):

    • CVE-2025-26466

    • CVE-2025-26465

    1071180

    FortiPAM is no longer vulnerable to the following CVE-Reference(s):

    • CVE-2024-47570

    Visit https://fortiguard.com/psirt for more information.

    Previous
    Next

    Resolved issues

    Resolved issues

    The resolved issues listed below may not list every bug that has been corrected with this release. For inquiries about a particular bug, please contact Technical Support within the FortiCare portal.

    Secret/Launch

    Bug ID

    Description

    1104861

    Associated Secret does not work with Web-Proxy credentials replacement.

    1111984

    Occasionally, slow to launch web_account with web_proxy enable.

    1123442, 1123005

    Approval email does not have port in FQDN.

    1121582

    Automatic Password Change fails with FortiGate.

    1128256

    Fix approval Email with invalid token.

    1130735

    Logic of folder permission changed impacting secret permissions.

    1110101

    Loosen target domain restriction changes.

    1125761

    Using space in the application filter path breaks the path.

    943426

    Secret can not be deleted when there are requests referencing it.

    1111605

    SSMS fails to connect to SQLServer Express edition.

    1120249

    Unable to access secret using web launch and enabling SSO.

    1099202

    Target Only template results in credential filler appearing in unrelated fields.

    User/Group

    Bug ID

    Description

    1124133

    Remove 2FA status check assert which causes wad crash.

    942445

    Add remote cert import feature in the GUI SAML configuration.

    1146150

    Resending the activation email for the 3rd party authenticator (all users getting QR code).

    1140780

    MFA bypass bug.

    1143321

    Dashboard displayed at the start page when Custom-Role is in use.

    1141333

    When deleting entry from the Restricted List, always deleted primary one.

    1130835

    Email approval not working.

    1067329

    When Replace Web Credential is enabled FortiPAM will randomly fail to proxy.

    System/Log

    Bug ID

    Description

    1118634

    KVM video disk unavailable in rare case

    1090570, 1117042

    Redundant logs for web browsing with web-proxy enabled

    1117515

    ZTNA HTTPS deployment could not work with FOS 7.4 and higher version.

    1113653

    Enabling private data encryption breaks secret passwords.

    1134290

    Unable to view credentials in Glass Breaking mode.

    1145017

    Automation Stitch trigger with wrong condition on GUI.

    1138555

    SAML admin login failing when using group matching.

    Others

    Bug ID

    Description

    1116828

    After enabling "GUI Portal" on port2, it failed to log in to FortiPAM due to incorrect firewall policy.

    1007307

    Issues with FortiVoice.

    1134119

    If FortiClient is installed on MacOS, upgrade your FortiPAM 1.6.0.

    See Special notices.

    1121038

    Weak authentication in wad/GUI.

    1120661

    Integer Overflow on SSL-VPN VNC bookmark.

    1137498, 1138620

    Add Ctrl/Shift+Insert and Ctrl+Shift+C/V support.

    1127496

    Replace Blacklist/Whilstlist terms.

    1144380

    Application Wad Signal 11.

    1112308, 1117737

    Heap buffer overflow in websocket.

    1108888

    Privilege escalation in Node.js websocket module.

    Common Vulnerabilities and Exposures

    Bug ID

    CVE references

    1130288

    FortiPAM is no longer vulnerable to the following CVE-Reference(s):

    • CVE-2025-26466

    • CVE-2025-26465

    1071180

    FortiPAM is no longer vulnerable to the following CVE-Reference(s):

    • CVE-2024-47570

    Visit https://fortiguard.com/psirt for more information.

    Previous
    Next