Fortinet black logo

Release Notes

Home FortiProxy 7.0.15 Release Notes
7.0.15
7.4.4
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.17
7.0.16
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.1
2.0.0
1.2.13
1.2.12
1.2.11
1.2.10
1.2.9
1.2.8
1.2.7
1.2.6
1.2.5
1.2.4
1.2.3
1.2.2
1.2.1
1.2.0
1.1.6
1.1.5
1.1.4
1.1.3
1.1.2
1.1.1
1.1.0
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0

Resolved issues

Resolved issues

The following issues have been fixed in FortiProxy 7.0.15. For inquiries about a particular bug, please contact Customer Service & Support.

Bug ID Description
985198 IP address threat feed connection status indicates "Other Error".

955481

983897

When fast-policy-match is enabled, traffic is matched to wrong policy during a specific period of time.
977734 Access to secondary unit is not granted when you use the SVI interface for management in HA.
951108 Crash at wad_sec_policy_result_free.
979936 When configuring ipv6 addresses in the CLI, all types of external-resource for ipv6 address are listed. Only the external-resources of type "domain" and "address" should be listed.
980994 External-resource type other than address and domain are not filtered out for firewall.policy.dstaddr6 and srcaddr6.
976713 Connection is closed during SSL offload by "config firewall ssl-server".
924398 FTP passive mode fails to establish data channel via DNAT as the IP/port provided by the server is not translated.
933593 User Agent field is truncated in http transaction log.
976198 Missing port check for ICAP local server when configuring port in other services.
977972 The GUI terminal cannot show the "dia sys top" correctly.
945197 Configuration value of the interface IP address should not be synced within a FortiProxy HA cluster on Azure.

906712

949847

 Crash on wad_diag_stats_policy_list.

773815

988544

 AD group cache update issue.
986806 Crash in WAD user-info process.
982614 Anti-virus incorrectly blocks the upload of good Excel files to OneDrive with corrupted archive error.
989515 Crash on building fast match table when the source interface is configured with an empty system zone.
976775 When policy based routing is configured and traffic is redirected to WAD, traffic from the FortiProxy back to the client is routed via static routing.
981193 FortiProxy do not send authentication request after proxy-re-authentication-time is passed.

980297

GUI shows empty remote groups while CLI configuration shows the correct remote group configuration.

980702

URL rating lookup does not support valid URLs with forward slash.

987777

Policy ID is not available for disabled policies in the FortiProxy GUI.
984094 WAD worker memory leak.

991641

Unable to save changes shaping policy when dstaddr6 is set to be an IPv6 FQDN address with wildcard (*).
915834 HA active-passive flip: standby FortiProxy tries to reach out to FortiGuard services through HA port.
989798 Out-of-bounds write in SSL VPN.
985049 XSS vulnerability in reboot page.
989784 Access to other users' bookmarks in SSL VPN web mode.
990142 Interfaces with no members are allowed to be aggregated in GUI.

992599

UTM action and count information is missing in http-transaction-log for HTTPS request when tp-policy is certificate-inspect.

994230

WAD crashes when SOCKS request fails to connect to LDAP server.

995622

SOCKS request is unable to match web-proxy entity in auth rule and WAD crashes.

Common vulnerabilities and exposures

FortiProxy 7.0.15 is no longer vulnerable to the following CVE references. Visit https://fortiguard.com/psirt for more information.

Bug ID

CVE reference

989784

CVE-2024-23112

973351

CVE-2023-38545 and CVE-2023-38546

989798

CVE-2024-21762

Previous
Next

Resolved issues

The following issues have been fixed in FortiProxy 7.0.15. For inquiries about a particular bug, please contact Customer Service & Support.

Bug ID Description
985198 IP address threat feed connection status indicates "Other Error".

955481

983897

When fast-policy-match is enabled, traffic is matched to wrong policy during a specific period of time.
977734 Access to secondary unit is not granted when you use the SVI interface for management in HA.
951108 Crash at wad_sec_policy_result_free.
979936 When configuring ipv6 addresses in the CLI, all types of external-resource for ipv6 address are listed. Only the external-resources of type "domain" and "address" should be listed.
980994 External-resource type other than address and domain are not filtered out for firewall.policy.dstaddr6 and srcaddr6.
976713 Connection is closed during SSL offload by "config firewall ssl-server".
924398 FTP passive mode fails to establish data channel via DNAT as the IP/port provided by the server is not translated.
933593 User Agent field is truncated in http transaction log.
976198 Missing port check for ICAP local server when configuring port in other services.
977972 The GUI terminal cannot show the "dia sys top" correctly.
945197 Configuration value of the interface IP address should not be synced within a FortiProxy HA cluster on Azure.

906712

949847

 Crash on wad_diag_stats_policy_list.

773815

988544

 AD group cache update issue.
986806 Crash in WAD user-info process.
982614 Anti-virus incorrectly blocks the upload of good Excel files to OneDrive with corrupted archive error.
989515 Crash on building fast match table when the source interface is configured with an empty system zone.
976775 When policy based routing is configured and traffic is redirected to WAD, traffic from the FortiProxy back to the client is routed via static routing.
981193 FortiProxy do not send authentication request after proxy-re-authentication-time is passed.

980297

GUI shows empty remote groups while CLI configuration shows the correct remote group configuration.

980702

URL rating lookup does not support valid URLs with forward slash.

987777

Policy ID is not available for disabled policies in the FortiProxy GUI.
984094 WAD worker memory leak.

991641

Unable to save changes shaping policy when dstaddr6 is set to be an IPv6 FQDN address with wildcard (*).
915834 HA active-passive flip: standby FortiProxy tries to reach out to FortiGuard services through HA port.
989798 Out-of-bounds write in SSL VPN.
985049 XSS vulnerability in reboot page.
989784 Access to other users' bookmarks in SSL VPN web mode.
990142 Interfaces with no members are allowed to be aggregated in GUI.

992599

UTM action and count information is missing in http-transaction-log for HTTPS request when tp-policy is certificate-inspect.

994230

WAD crashes when SOCKS request fails to connect to LDAP server.

995622

SOCKS request is unable to match web-proxy entity in auth rule and WAD crashes.

Common vulnerabilities and exposures

FortiProxy 7.0.15 is no longer vulnerable to the following CVE references. Visit https://fortiguard.com/psirt for more information.

Bug ID

CVE reference

989784

CVE-2024-23112

973351

CVE-2023-38545 and CVE-2023-38546

989798

CVE-2024-21762

Previous
Next