Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Resolved issues

The resolved issues listed below may not list every bug that has been corrected with this release. For inquiries about a particular bug, please visit the Fortinet Support website.

Bug ID

Description

824479

Usage profile schedule radio button selection is not applied properly.

827234

SMTP account username and password accepts more than 64 characters but does not save.

823476

User certificate binding status is blank if there are two certificate with same CN.

828722

/api/v1/oauth/token/ gives 500 error.

815465

Download failed message in Automatic CRL download.

827874

LDAP User Sync Rule Test Filter mapping preview does not use its own Base distinguished name for user lookup.

812240

Only the first 5 admin trusted subnets are effective.

819307

Cluster Primary IP changes in the LB node after HA primary reboot.

816686

After upgrading FortiAuthenticator to 6.4.4, authentication via FortiAuthenticator Agents fails.

820256

Admin profile resets to 'Full permission ' when the remote user sync rule has user role set as 'Administrator'.

827716

Changes on syslog server configuration on FortiAuthenticator fails with an internal server error 500.

811368

Remote user sync rule not binding all the certificates to users.

815459

/oauth/verify_token/ endpoint returns 500 server error for remote users.

822273

User Inventory widget is not loading.

824664

Exporting 100K+ LDAP users in FortiAuthenticator fails and shows an empty file.

786610

FortiClient session SSL connection fails.

819028

FortiAuthenticator IdP login returns a JS error.

818109

LDAPS connections using 'All Trusted CAs' fail for FSSO/Domain Manager.

814826

500 Internal Server Error in SAML authentication after multiple wrong password entries with Fido tokens enabled.

685172

FortiAuthenticator A-P running in v6.2.1 do not sync with the secondary unit Pre-authentication warning message, CLI, and GUI Timeout.

758516

FortiAuthenticator HA: cluster out of sync if custom radius dictionary is uploaded; authentication breaks.

831595

CLI - Setting timezone and DNS does not clear GUI settings cache.

826685

Optimize middleware used in FortiAuthenticator.

817100

LB optimizations for bulk Change log updates.

769183

FortiAuthenticator VMs need greater resiliency / improved recovery when connectivity lost to remote data drives.

818813

Memory leak in fac_comm ssl with client cert.

810069

IdP initiated SAML response replay attack.

818129

'Deny' from Push response should count towards invalid attempt for lockout.

820671

FortiAuthenticator Cloud should allow admin to enter Client Application Name for including in the Push payload.

820659

Default Client Application Name is the IdP name instead of the SP name.

820579

Remove step in configuring OTP.

818581

Hide the captive portal options requiring RADIUS support.

830002

XSS observed in the password reset done page.

800714

[3rd party component upgrade required for security reasons] FortiAuthenticator - openLDAP to 2.6.2.

814167

[3rd party component upgrade required for security reasons] FortiAuthenticator - libxml2 to 2.9.14.

824885

[3rd party component upgrade required for security reasons] FortiAuthenticator - curl to 7.84.

831387

Admin user OK button is disabled after editing security question.

833199

JavaScript error when accessing Fine-grained Controls local groups.

833195

JavaScript error when trying to import a Trusted CA.

806472

[FortiAuthenticator Cloud] Creating a webservice key for an admin account on the FortiAuthenticator Cloud is failing; receive 'wrong peer certificate error'.

832127

SAML IdP enable portal button is not working properly.

832110

FortiAuthenticator FQDN/public IP is not working when setting up via GUI until restarted.

824140

Learn Trusted CA feature not working.

824930

Read-only admin profiles giving 403 error when accessing a few pages.

813844

SYN packet sent outside the zero trust tunnel when creating a remote LDAP server with zero trust tunnel.

808982

[FortiAuthenticator Cloud] Allow LDAP browsing should be hidden when editing a user.

808979

[FortiAuthenticator Cloud] Allow Radius authentication should be hidden when editing a user.

804843

[FortiAuthenticator Cloud] 'TACACS+' role option should be hidden when editing a local user.

802750

[FortiAuthenticator Cloud] second in the back schedule is not taking effect.

813148

[FortiAuthenticator Cloud] Role selection options should be removed from admin user page.

816176

Renaming a Portal back to its original name fails, then triggers 500 error on self-service portal user login.

818620

SAML IdP login with IAM user causes radiusd crash.

818081

[FortiAuthenticator Cloud] Full-Permission option for Admin account reverts to No-Access after logging out and back in.

818176

[FortiAuthenticator Cloud] Unable to assign any admin profile or full admin permission to a sub account.

818179

[FortiAuthenticator Cloud] 400 error for any admin account login (primary and sub account) after deleting No-Access Administrator admin profile.

828130

Attribute msDS-SupportedEncryptionTypes is set to 0x1F which includes DES.

810530

FortiAuthenticator FSSO user capacity in GUI on FortiAuthenticator 3000D is incorrect.

817715

[FortiAuthenticator Cloud] Admins included in the user quota calculation.

806544

FortiAuthenticator - HA halts at 'Forming Cluster'.

827303

ZTT: Eliminate WAD inconsistency between first & subsequent connections.

829271

Remote syslog fails when using Secure connection on remote Syslog servers.

Resolved issues

The resolved issues listed below may not list every bug that has been corrected with this release. For inquiries about a particular bug, please visit the Fortinet Support website.

Bug ID

Description

824479

Usage profile schedule radio button selection is not applied properly.

827234

SMTP account username and password accepts more than 64 characters but does not save.

823476

User certificate binding status is blank if there are two certificate with same CN.

828722

/api/v1/oauth/token/ gives 500 error.

815465

Download failed message in Automatic CRL download.

827874

LDAP User Sync Rule Test Filter mapping preview does not use its own Base distinguished name for user lookup.

812240

Only the first 5 admin trusted subnets are effective.

819307

Cluster Primary IP changes in the LB node after HA primary reboot.

816686

After upgrading FortiAuthenticator to 6.4.4, authentication via FortiAuthenticator Agents fails.

820256

Admin profile resets to 'Full permission ' when the remote user sync rule has user role set as 'Administrator'.

827716

Changes on syslog server configuration on FortiAuthenticator fails with an internal server error 500.

811368

Remote user sync rule not binding all the certificates to users.

815459

/oauth/verify_token/ endpoint returns 500 server error for remote users.

822273

User Inventory widget is not loading.

824664

Exporting 100K+ LDAP users in FortiAuthenticator fails and shows an empty file.

786610

FortiClient session SSL connection fails.

819028

FortiAuthenticator IdP login returns a JS error.

818109

LDAPS connections using 'All Trusted CAs' fail for FSSO/Domain Manager.

814826

500 Internal Server Error in SAML authentication after multiple wrong password entries with Fido tokens enabled.

685172

FortiAuthenticator A-P running in v6.2.1 do not sync with the secondary unit Pre-authentication warning message, CLI, and GUI Timeout.

758516

FortiAuthenticator HA: cluster out of sync if custom radius dictionary is uploaded; authentication breaks.

831595

CLI - Setting timezone and DNS does not clear GUI settings cache.

826685

Optimize middleware used in FortiAuthenticator.

817100

LB optimizations for bulk Change log updates.

769183

FortiAuthenticator VMs need greater resiliency / improved recovery when connectivity lost to remote data drives.

818813

Memory leak in fac_comm ssl with client cert.

810069

IdP initiated SAML response replay attack.

818129

'Deny' from Push response should count towards invalid attempt for lockout.

820671

FortiAuthenticator Cloud should allow admin to enter Client Application Name for including in the Push payload.

820659

Default Client Application Name is the IdP name instead of the SP name.

820579

Remove step in configuring OTP.

818581

Hide the captive portal options requiring RADIUS support.

830002

XSS observed in the password reset done page.

800714

[3rd party component upgrade required for security reasons] FortiAuthenticator - openLDAP to 2.6.2.

814167

[3rd party component upgrade required for security reasons] FortiAuthenticator - libxml2 to 2.9.14.

824885

[3rd party component upgrade required for security reasons] FortiAuthenticator - curl to 7.84.

831387

Admin user OK button is disabled after editing security question.

833199

JavaScript error when accessing Fine-grained Controls local groups.

833195

JavaScript error when trying to import a Trusted CA.

806472

[FortiAuthenticator Cloud] Creating a webservice key for an admin account on the FortiAuthenticator Cloud is failing; receive 'wrong peer certificate error'.

832127

SAML IdP enable portal button is not working properly.

832110

FortiAuthenticator FQDN/public IP is not working when setting up via GUI until restarted.

824140

Learn Trusted CA feature not working.

824930

Read-only admin profiles giving 403 error when accessing a few pages.

813844

SYN packet sent outside the zero trust tunnel when creating a remote LDAP server with zero trust tunnel.

808982

[FortiAuthenticator Cloud] Allow LDAP browsing should be hidden when editing a user.

808979

[FortiAuthenticator Cloud] Allow Radius authentication should be hidden when editing a user.

804843

[FortiAuthenticator Cloud] 'TACACS+' role option should be hidden when editing a local user.

802750

[FortiAuthenticator Cloud] second in the back schedule is not taking effect.

813148

[FortiAuthenticator Cloud] Role selection options should be removed from admin user page.

816176

Renaming a Portal back to its original name fails, then triggers 500 error on self-service portal user login.

818620

SAML IdP login with IAM user causes radiusd crash.

818081

[FortiAuthenticator Cloud] Full-Permission option for Admin account reverts to No-Access after logging out and back in.

818176

[FortiAuthenticator Cloud] Unable to assign any admin profile or full admin permission to a sub account.

818179

[FortiAuthenticator Cloud] 400 error for any admin account login (primary and sub account) after deleting No-Access Administrator admin profile.

828130

Attribute msDS-SupportedEncryptionTypes is set to 0x1F which includes DES.

810530

FortiAuthenticator FSSO user capacity in GUI on FortiAuthenticator 3000D is incorrect.

817715

[FortiAuthenticator Cloud] Admins included in the user quota calculation.

806544

FortiAuthenticator - HA halts at 'Forming Cluster'.

827303

ZTT: Eliminate WAD inconsistency between first & subsequent connections.

829271

Remote syslog fails when using Secure connection on remote Syslog servers.