Fortinet black logo

Release Notes

Home FortiSwitch 7.0.4 Release Notes

Resolved issues

7.0.4
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
3.6.12
3.6.11
3.6.10
3.6.9
3.6.8
3.6.7
3.6.6
3.6.5
3.6.4
3.6.3
3.6.2
3.6.1
3.6.0
3.5.6
3.5.5
3.5.4
3.5.3
3.5.2
3.5.1
3.5.0
3.4.3
3.4.2
3.4.1
3.4.0
3.3.3
3.3.2
3.3.1
Copy Link
Copy Doc ID 857de92c-9991-11ec-9fd1-fa163e15d75b:255778
Download PDF

Resolved issues

The following issues have been fixed in FortiSwitchOS 7.0.4. For inquiries about a particular bug, please contact Customer Service & Support.

734917

When you configure a PIM multicast flow with a range of group addresses for SVIs and the group address range overlaps with a dynamic IGMPv3 group receiver that has joined groups in a different VLAN, then the dynamic IGMPv3 receiver will still receive multicast traffic unexpectedly even after leaving the joined groups.
748210 The MAC authentication bypass (MAB) sometimes does not work on the FS-424E when a third-party hub is disconnected and then reconnected.
759992 After restarting the FortiSwitch unit, memory usage increases, and the user cannot access the FortiSwitch unit with the CLI or GUI.
760536 The SNMP trap for monitoring the power supply failure and restoration is using the wrong object identifier (OID).
763953 After LDAP authentication is successful, the admin user cannot log in.
765197 The automatic topology creates an ISL trunk between two switches with the wrong value for the native VLAN.

769733

The getnext query does not work on OID .0/0.0.
770402 The diagnose switch mclag list command is reporting a different up time value than the diagnose switch trunk list and get system performance status commands.
771767 Trusted hosts with a mask other than /32 cannot access the FortiSwitch unit.

776675

  • FortiSwitchOS cannot use the NAS-Filter-Rule when it exceeds 65 characters.

  • If you specify more than one port or port range (for example, 10.105.0.106/24 100,200,300 or 10.105.0.106/24 100-200,300,700-900) when defining the source or destination in a dynamic ACL entry, FortiSwitchOS applies the first port or port range and ignores the rest.

  • If you specify the destination port after the any keyword, you must specify any 0.0.0.0/0 <port_number>. For example, instead of permit in TCP any to any 90 cnt, use permit in TCP any to any 0.0.0.0/0 90 cnt instead.

783151

There was an error in the definition of fsTrapLlvViolation in the SNMP MIB.

788021

The poe-pre-standard-detection setting is shown as disabled in the CLI but enabled on the hardware for the FS-1xxE, FS-1xxF, FS-5xxD, and FSR-112D-POE models.

Common vulnerabilities and exposures

FortiSwitchOS 7.0.4 is no longer vulnerable to the following CVEs:

  • CWE-329

  • CWE-347

  • CWE-916

Visit https://fortiguard.com/psirt for more information.

Previous
Next

Resolved issues

The following issues have been fixed in FortiSwitchOS 7.0.4. For inquiries about a particular bug, please contact Customer Service & Support.

734917

When you configure a PIM multicast flow with a range of group addresses for SVIs and the group address range overlaps with a dynamic IGMPv3 group receiver that has joined groups in a different VLAN, then the dynamic IGMPv3 receiver will still receive multicast traffic unexpectedly even after leaving the joined groups.
748210 The MAC authentication bypass (MAB) sometimes does not work on the FS-424E when a third-party hub is disconnected and then reconnected.
759992 After restarting the FortiSwitch unit, memory usage increases, and the user cannot access the FortiSwitch unit with the CLI or GUI.
760536 The SNMP trap for monitoring the power supply failure and restoration is using the wrong object identifier (OID).
763953 After LDAP authentication is successful, the admin user cannot log in.
765197 The automatic topology creates an ISL trunk between two switches with the wrong value for the native VLAN.

769733

The getnext query does not work on OID .0/0.0.
770402 The diagnose switch mclag list command is reporting a different up time value than the diagnose switch trunk list and get system performance status commands.
771767 Trusted hosts with a mask other than /32 cannot access the FortiSwitch unit.

776675

  • FortiSwitchOS cannot use the NAS-Filter-Rule when it exceeds 65 characters.

  • If you specify more than one port or port range (for example, 10.105.0.106/24 100,200,300 or 10.105.0.106/24 100-200,300,700-900) when defining the source or destination in a dynamic ACL entry, FortiSwitchOS applies the first port or port range and ignores the rest.

  • If you specify the destination port after the any keyword, you must specify any 0.0.0.0/0 <port_number>. For example, instead of permit in TCP any to any 90 cnt, use permit in TCP any to any 0.0.0.0/0 90 cnt instead.

783151

There was an error in the definition of fsTrapLlvViolation in the SNMP MIB.

788021

The poe-pre-standard-detection setting is shown as disabled in the CLI but enabled on the hardware for the FS-1xxE, FS-1xxF, FS-5xxD, and FSR-112D-POE models.

Common vulnerabilities and exposures

FortiSwitchOS 7.0.4 is no longer vulnerable to the following CVEs:

  • CWE-329

  • CWE-347

  • CWE-916

Visit https://fortiguard.com/psirt for more information.

Previous
Next