Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Resolved Issues

The following issues have been fixed in FortiAnalyzer version 6.2.3. For inquires about a particular bug, please contact Customer Service & Support.

Device Manager

Bug ID

Description

573281 Unregistered syslog device appears with FortiMail's IP after adding FortiMail device.
536856 Device IP address under Device Manager may get randomly auto-updated.

Event Management

Bug ID

Description

537678

FortiAnalyzer should support Event Handler group-by options for non FortiGate device types.

563514 Event handler does not work properly for FortiSandbox.
590383 Event handler does not accept Email with "+" in the address.

FortiView

Bug ID

Description

535682 FortiView Compromised Host Last Detected time is displayed GMT time instead of local time.
577941 Compromised host should be removed from the list after being acknowledged.
577951 FortiView widgets using "Full" mode do not auto refresh using the Refresh Interval.

Log View

Bug ID

Description

592340

FortiAnalyzer may have a performance issue when displaying system logs in Log View.

586929

FortiAnalyzer 3000F may not insert logs when the IP changes frequently for endpoints due to DHCP.

589840

When source column is not selected, the Log View cannot display log details.

591077 FortiAnalyzer 3500E may not be able to quickly insert logs when IP frequently changes for endpoints due to DHCP.
592808 The Details pane is completely empty when FortiAnalyzer tries to display Traffic Log details.

Others

Bug ID

Description

560746

The default value for "hcache-max-fv-row" should be set based on available memory.

578038

After upgrade, FortiAnalyzer is slow when searching for information.

588074

FortiAnalyzer may stop receiving logs and event logs, and continuously display oftpd re-initialization.

590503

The new CLI process may crash due to commands "execute tac report" and "diagnose dvm check-integrity".

544516 FortiAnalyzer with Hyper-V live migration does not display GUI access.
590368 FortiAnalyzer may stop receiving logs when oftpd crashes.

Reports

Bug ID

Description

591088

SD-WAN report may show incorrect bandwidth value.

589496

FortiAnalyzer may generate a different result when running a report on the same time period either with a custom period or use a specific period from the drop-down list.

380371 FortiAnalyzer improved report accuracy on high end models.
552414 Read-write permissions are required to view and download reports through API calls.
581769 After rebuilding the SQL database, users may now be able to run reports with all available data.

System Settings

Bug ID Description

587702

Restricted user with specify ADOM permission cannot access Device Manager.

590109

Some time zones are not formatted correctly when forwarding as syslog.

559592 Rebuilding SQL takes a very long time after adding a second slave to cluster.
571412 Logging topology is misleading when collector mode FortiAnalyzer is deployed.
574987 ADOM quota retention removes more log data than the applied retention policy.
577814 FortiAnalyzer does not generate accurate local event log when ADOM retention policy is enforced.

Common Vulnerabilities and Exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID CVE references
568783

FortiAnalyzer 6.2.3 is no longer vulnerable to the following CVE-Reference(s):

  • CVE-2019-17657

Resolved Issues

The following issues have been fixed in FortiAnalyzer version 6.2.3. For inquires about a particular bug, please contact Customer Service & Support.

Device Manager

Bug ID

Description

573281 Unregistered syslog device appears with FortiMail's IP after adding FortiMail device.
536856 Device IP address under Device Manager may get randomly auto-updated.

Event Management

Bug ID

Description

537678

FortiAnalyzer should support Event Handler group-by options for non FortiGate device types.

563514 Event handler does not work properly for FortiSandbox.
590383 Event handler does not accept Email with "+" in the address.

FortiView

Bug ID

Description

535682 FortiView Compromised Host Last Detected time is displayed GMT time instead of local time.
577941 Compromised host should be removed from the list after being acknowledged.
577951 FortiView widgets using "Full" mode do not auto refresh using the Refresh Interval.

Log View

Bug ID

Description

592340

FortiAnalyzer may have a performance issue when displaying system logs in Log View.

586929

FortiAnalyzer 3000F may not insert logs when the IP changes frequently for endpoints due to DHCP.

589840

When source column is not selected, the Log View cannot display log details.

591077 FortiAnalyzer 3500E may not be able to quickly insert logs when IP frequently changes for endpoints due to DHCP.
592808 The Details pane is completely empty when FortiAnalyzer tries to display Traffic Log details.

Others

Bug ID

Description

560746

The default value for "hcache-max-fv-row" should be set based on available memory.

578038

After upgrade, FortiAnalyzer is slow when searching for information.

588074

FortiAnalyzer may stop receiving logs and event logs, and continuously display oftpd re-initialization.

590503

The new CLI process may crash due to commands "execute tac report" and "diagnose dvm check-integrity".

544516 FortiAnalyzer with Hyper-V live migration does not display GUI access.
590368 FortiAnalyzer may stop receiving logs when oftpd crashes.

Reports

Bug ID

Description

591088

SD-WAN report may show incorrect bandwidth value.

589496

FortiAnalyzer may generate a different result when running a report on the same time period either with a custom period or use a specific period from the drop-down list.

380371 FortiAnalyzer improved report accuracy on high end models.
552414 Read-write permissions are required to view and download reports through API calls.
581769 After rebuilding the SQL database, users may now be able to run reports with all available data.

System Settings

Bug ID Description

587702

Restricted user with specify ADOM permission cannot access Device Manager.

590109

Some time zones are not formatted correctly when forwarding as syslog.

559592 Rebuilding SQL takes a very long time after adding a second slave to cluster.
571412 Logging topology is misleading when collector mode FortiAnalyzer is deployed.
574987 ADOM quota retention removes more log data than the applied retention policy.
577814 FortiAnalyzer does not generate accurate local event log when ADOM retention policy is enforced.

Common Vulnerabilities and Exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID CVE references
568783

FortiAnalyzer 6.2.3 is no longer vulnerable to the following CVE-Reference(s):

  • CVE-2019-17657