Fortinet black logo

Release Notes

Home FortiDeceptor 2.1.0 Release Notes

Resolved issues

2.1.0
5.3.0
5.2.0
5.1.0
5.0.0
4.3.0
4.2.0
4.1.1
4.1.0
4.0.2
4.0.1
4.0.0
3.3.3
3.3.2
3.3.1
3.3.0
3.2.2
3.2.1
3.2.0
3.1.1
3.1.0
3.0.2
3.0.1
3.0.0
2.1.0
2.0.0
1.1.0
1.0.1
Copy Link
Copy Doc ID f773cac5-b486-11e9-a989-00505692583a:347184
Download PDF

Resolved issues

The following issues have been fixed in FortiDeceptor 2.1.0. For inquires about a particular bug, please contact Customer Service & Support.

Bug ID

Description
0508165 Allow client to create template from deception VM
0526112 Support Read-Only administrative rights in the admin profiles
0559625 Support an option for customers to reset the DCVM immediately once the incidents are detected
0559675 Implement the simulator server for IEC 60870-5-104 protocol
0560549 Export IOCs from FortiDeceptor in CSV format
0568234 Implement the firmware image auto upgrade
0511926 Create deception image upgrade module
0562372 Prepare and release SCADA base image
0562383 Prepare and release Windows 10 base image
0560127 Implement CLI command to purge all DATABASE records
0569466 Add links to Admin Guide and Release Notes to top bar
0555665 XSS vulnerability in Customized Widget Title of the Dashboard web page
0555667 XSS vulnerability in Profile Name of Admin Profile web page
0555669 XSS vulnerability in Common Name and Distinguished Name of LDAP Servers web page
0555673 XSS vulnerability in Email Account and Receiver List of Mails Servers web page
0555674 XSS vulnerability in field Name of Deploy Wizard web page

0556970

Insecure Direct Object Reference vulnerability for the Super Admin

0556971

Insecure Direct Object Reference vulnerability in the FortiDeceptor table customization

0556973

Insecure Direct Object Reference privilege escalation to changing password of another account

0565161

FortiDeceptor reports false alarm SMB incidents

0558993

Deception VMs generate false events by generating traffic to the internet

0558998

Incident and attack map records all connections on the network interface whether the traffic is destined for Deception VM or Not

0566892

Without interaction, Windows Decoy receives traffic from external IP address and Decoy VM reported as Victim

0557758

Unable to create VM's user account if the account already exists

0566890

Trying to access the file share will result in to incidents with no info

0567197

The incident was reported with reversed attacker IP + PORT and victim IP + PORT

0567191

Default Attack map filter doesn’t reflect the recent incidents on the attack map

0550367

Admin without administrative privileges can upgrade firmware through hidden page in the GUI

0571831

Edit administrator failed unless reset password

0566802

Rename Deception Technology terms in PPT/docs

0559677

GUI relabeling

0556008

Need to improve the GUI display for some basic information on incident table

0523123

Change monitored deception IP needs redo conflict validation and initialization

0545885

The input fields for Fabric settings should be sanitized properly before saving into a configuration file

Previous
Next

Resolved issues

The following issues have been fixed in FortiDeceptor 2.1.0. For inquires about a particular bug, please contact Customer Service & Support.

Bug ID

Description
0508165 Allow client to create template from deception VM
0526112 Support Read-Only administrative rights in the admin profiles
0559625 Support an option for customers to reset the DCVM immediately once the incidents are detected
0559675 Implement the simulator server for IEC 60870-5-104 protocol
0560549 Export IOCs from FortiDeceptor in CSV format
0568234 Implement the firmware image auto upgrade
0511926 Create deception image upgrade module
0562372 Prepare and release SCADA base image
0562383 Prepare and release Windows 10 base image
0560127 Implement CLI command to purge all DATABASE records
0569466 Add links to Admin Guide and Release Notes to top bar
0555665 XSS vulnerability in Customized Widget Title of the Dashboard web page
0555667 XSS vulnerability in Profile Name of Admin Profile web page
0555669 XSS vulnerability in Common Name and Distinguished Name of LDAP Servers web page
0555673 XSS vulnerability in Email Account and Receiver List of Mails Servers web page
0555674 XSS vulnerability in field Name of Deploy Wizard web page

0556970

Insecure Direct Object Reference vulnerability for the Super Admin

0556971

Insecure Direct Object Reference vulnerability in the FortiDeceptor table customization

0556973

Insecure Direct Object Reference privilege escalation to changing password of another account

0565161

FortiDeceptor reports false alarm SMB incidents

0558993

Deception VMs generate false events by generating traffic to the internet

0558998

Incident and attack map records all connections on the network interface whether the traffic is destined for Deception VM or Not

0566892

Without interaction, Windows Decoy receives traffic from external IP address and Decoy VM reported as Victim

0557758

Unable to create VM's user account if the account already exists

0566890

Trying to access the file share will result in to incidents with no info

0567197

The incident was reported with reversed attacker IP + PORT and victim IP + PORT

0567191

Default Attack map filter doesn’t reflect the recent incidents on the attack map

0550367

Admin without administrative privileges can upgrade firmware through hidden page in the GUI

0571831

Edit administrator failed unless reset password

0566802

Rename Deception Technology terms in PPT/docs

0559677

GUI relabeling

0556008

Need to improve the GUI display for some basic information on incident table

0523123

Change monitored deception IP needs redo conflict validation and initialization

0545885

The input fields for Fabric settings should be sanitized properly before saving into a configuration file

Previous
Next