Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.4.7
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiAnalyzer 7.4.7 Release Notes
    7.4.7
    8.0.0
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.11
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.9
    5.2.7
    5.2.6
    5.2.5
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.13
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3
    5.0.2
    5.0.1
    4.3.8

    Resolved issues

    Resolved issues

    The following issues have been fixed in 7.4.7. To inquire about a particular bug, please contact Customer Service & Support.

    Device Manager

    Bug ID Description

    927113

    FortiAnalyzer displays incorrect EMS server version, IP address, and connectivity status.

    1058791

    Some devices not being authorized, but showing up under "authorized device list".

    Fabric View

    Bug ID Description
    1078817

    The FortiClient EMS Cloud Fabric Connector (existing/newly added) may not function properly, causing FortiAnalyzer to potentially fail in establishing a successful connection with the FortiClient EMS Cloud due to this issue.

    FortiSOC

    Bug ID Description

    872637

    The status of FortiGate Connectors under FortiSOC is intermittently down.

    FortiView

    Bug ID Description
    875592 Admins with read/write access might keep/set filters for different administrators (with read/write access).
    922053 Mismatched Username Detected for the Same IP Address in IOC Compromised Hosts.
    954542 When the time range is extensive, FortiAnalyzer may experience limitations in handling data points, resulting in potential omissions of data entries in the final results for FortiView SD-WAN Monitors widgets.
    989446

    FortiView SD-WAN Bandwidth Overview displays no data.

    1029156 Filter setting is getting shared automatically for users belonging to same LDAP group.
    1046491 FortiView SD-WAN view does not display the proper info for any range higher than "1 last hour".
    1050052 In some cases, the compromised host entry may display different FSSO users and source IPs than the actual users and source IPs on the drill-down page.

    1114751

    The widget "Top SD-WAN SLA Issues" appears empty when a specific interface and "All devices" are selected. This issue may occur if there are at least 10 devices with empty values for latency, jitter, or packet loss.

    Log View

    Bug ID Description

    1075987

    The log is incorrectly displayed as "SSH count" on the log details page of Log View.

    1093743

    Log filter doesn't search more than one IP address for one field.

    1114303

    Privacy masking does not work properly.

    Others

    Bug ID Description

    1001388

    FortiAnalyzer in Collector Mode does not forward logs for all FortiGates to the FortiAnalyzer working in Analyzer Mode.
    1068211 GUI stops working and displays incorrect/partial data and keeps restarting httpd daemon.

    1069672

    On the FortiGate, the log test CLI command shows that logs are queued and the test buttons in the GUI often fail. The issue occurs intermittently.

    1081045

    Some intermittent GUI issues have been observed due to a crash in the 'fazsvcd' daemon.

    1089725

    Progressively slower GUI performance caused by increasing memory usage of the "init" daemon.

    1098690

    After an upgrade, users (prior to the upgrade) who were created and assigned to a custom admin profile (with the super_user_profile enabled) may encounter a GUI issue. Upon successful login, the login prompt disappears, but only the background color remains visible with no additional GUI elements loaded.

    1127437

    When FortiAnalyzer does not have direct Internet access and is configured behind a Web Proxy, the Outbreak Alerts page in the GUI may either appear blank or fail to display properly when accessed by the FortiAnalyzer administrator.

    Reports

    Bug ID Description

    937700

    Source IP on the Report is shown as the Victim in the default Security Analysis report
    1013026

    Network Interface Utilization Charts are blank in Reports.

    1037920

    Query with 'DISTINCT' fails the validation due to relation with 'GROUP BY'.

    1123597

    When the report or chart filter is set to "All Devices", the chart displays data as expected. However, when the report or chart is filtered to a specific device, the message "No matching log data for this report" appears in the chart.

    System Settings

    Bug ID Description
    766197 An admin user limited to a device group can view all device's log.
    985489 When disabling the automatic adjustment for daylight saving time, the date and time on the dashboard update accordingly. However, the date and time of logs received by the FortiAnalyzer in Log View do not appear to update.
    1050063

    FortiAnalyzer experiences issues when log forwarding is configured (Log forward filter).

    1058282

    Remote administrators may be unable to review the Event Logs, as the GUI might display the following message: "Web Server Error 500."

    1080217

    Occasionally, when the FortiAnalyzer is rebooted (for maintenance or upgrade), the FortiGate may lose the FortiAnalyzer's serial number from the config log fortianalyzer settings. This can result in the following error message being displayed on the FortiGate: 'FortiAnalyzer certificate is not verified.'

    Common Vulnerabilities and Exposures

    Visit https://fortiguard.com/psirt for more information.

    Bug ID CVE references

    1125739

    FortiAnalyzer 7.4.7 is no longer vulnerable to the following CVE Reference:

    • CVE-2025-24474

    1129742

    FortiAnalyzer 7.4.7 is no longer vulnerable to the following CVE Reference:

    • CVE-2025-26466

    1157806

    FortiAnalyzer 7.4.7 is no longer vulnerable to the following CVE Reference:

    • CVE-2025-53845
    Previous
    Next

    Resolved issues

    Resolved issues

    The following issues have been fixed in 7.4.7. To inquire about a particular bug, please contact Customer Service & Support.

    Device Manager

    Bug ID Description

    927113

    FortiAnalyzer displays incorrect EMS server version, IP address, and connectivity status.

    1058791

    Some devices not being authorized, but showing up under "authorized device list".

    Fabric View

    Bug ID Description
    1078817

    The FortiClient EMS Cloud Fabric Connector (existing/newly added) may not function properly, causing FortiAnalyzer to potentially fail in establishing a successful connection with the FortiClient EMS Cloud due to this issue.

    FortiSOC

    Bug ID Description

    872637

    The status of FortiGate Connectors under FortiSOC is intermittently down.

    FortiView

    Bug ID Description
    875592 Admins with read/write access might keep/set filters for different administrators (with read/write access).
    922053 Mismatched Username Detected for the Same IP Address in IOC Compromised Hosts.
    954542 When the time range is extensive, FortiAnalyzer may experience limitations in handling data points, resulting in potential omissions of data entries in the final results for FortiView SD-WAN Monitors widgets.
    989446

    FortiView SD-WAN Bandwidth Overview displays no data.

    1029156 Filter setting is getting shared automatically for users belonging to same LDAP group.
    1046491 FortiView SD-WAN view does not display the proper info for any range higher than "1 last hour".
    1050052 In some cases, the compromised host entry may display different FSSO users and source IPs than the actual users and source IPs on the drill-down page.

    1114751

    The widget "Top SD-WAN SLA Issues" appears empty when a specific interface and "All devices" are selected. This issue may occur if there are at least 10 devices with empty values for latency, jitter, or packet loss.

    Log View

    Bug ID Description

    1075987

    The log is incorrectly displayed as "SSH count" on the log details page of Log View.

    1093743

    Log filter doesn't search more than one IP address for one field.

    1114303

    Privacy masking does not work properly.

    Others

    Bug ID Description

    1001388

    FortiAnalyzer in Collector Mode does not forward logs for all FortiGates to the FortiAnalyzer working in Analyzer Mode.
    1068211 GUI stops working and displays incorrect/partial data and keeps restarting httpd daemon.

    1069672

    On the FortiGate, the log test CLI command shows that logs are queued and the test buttons in the GUI often fail. The issue occurs intermittently.

    1081045

    Some intermittent GUI issues have been observed due to a crash in the 'fazsvcd' daemon.

    1089725

    Progressively slower GUI performance caused by increasing memory usage of the "init" daemon.

    1098690

    After an upgrade, users (prior to the upgrade) who were created and assigned to a custom admin profile (with the super_user_profile enabled) may encounter a GUI issue. Upon successful login, the login prompt disappears, but only the background color remains visible with no additional GUI elements loaded.

    1127437

    When FortiAnalyzer does not have direct Internet access and is configured behind a Web Proxy, the Outbreak Alerts page in the GUI may either appear blank or fail to display properly when accessed by the FortiAnalyzer administrator.

    Reports

    Bug ID Description

    937700

    Source IP on the Report is shown as the Victim in the default Security Analysis report
    1013026

    Network Interface Utilization Charts are blank in Reports.

    1037920

    Query with 'DISTINCT' fails the validation due to relation with 'GROUP BY'.

    1123597

    When the report or chart filter is set to "All Devices", the chart displays data as expected. However, when the report or chart is filtered to a specific device, the message "No matching log data for this report" appears in the chart.

    System Settings

    Bug ID Description
    766197 An admin user limited to a device group can view all device's log.
    985489 When disabling the automatic adjustment for daylight saving time, the date and time on the dashboard update accordingly. However, the date and time of logs received by the FortiAnalyzer in Log View do not appear to update.
    1050063

    FortiAnalyzer experiences issues when log forwarding is configured (Log forward filter).

    1058282

    Remote administrators may be unable to review the Event Logs, as the GUI might display the following message: "Web Server Error 500."

    1080217

    Occasionally, when the FortiAnalyzer is rebooted (for maintenance or upgrade), the FortiGate may lose the FortiAnalyzer's serial number from the config log fortianalyzer settings. This can result in the following error message being displayed on the FortiGate: 'FortiAnalyzer certificate is not verified.'

    Common Vulnerabilities and Exposures

    Visit https://fortiguard.com/psirt for more information.

    Bug ID CVE references

    1125739

    FortiAnalyzer 7.4.7 is no longer vulnerable to the following CVE Reference:

    • CVE-2025-24474

    1129742

    FortiAnalyzer 7.4.7 is no longer vulnerable to the following CVE Reference:

    • CVE-2025-26466

    1157806

    FortiAnalyzer 7.4.7 is no longer vulnerable to the following CVE Reference:

    • CVE-2025-53845
    Previous
    Next