Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Resolved Issues

The following issues have been fixed in version 6.0.13. For inquires about a particular bug, please contact Customer Service & Support.

Firewall

Bug ID

Description

591731

Cannot reorder shaping policy via GUI or CLI (FG-100F).

539530

Session spike after changing firewall settings.

644225

Challenge ACK is being dropped.

SSL VPN

Bug ID

Description

610995

SSL VPN web mode gets error when accessing internal website at https://st***.st***.ca/.

616879

Traffic cannot pass through FortiGate in SSL VPN web mode if the user is a PKI peer.

662042

The https://outlook.office365.com and https://login.microsoft.com websites cannot be accessed in the SSL VPN web portal.

673017

The traffic for a PKI user cannot pass through SSL VPN.

681413

SSL VPN Proxy Error seen while accessing the bookmark in SSL VPN web mode using client certificate and realm.

System

Bug ID

Description

671982

DoS policy is causing traffic to drop.

680881

Rebooting device causes interface mode to change from static to DHCP.

692943

If an updated FFDB package is found, crash may happen at init_ffdb_map if it is called when ffdb_map or ffdb_app is already in the process of being parsed, especially in HA.

695803

Unable to reorder firewall DoS policy in GUI or CLI.

User & Device

Bug ID

Description

615513, 697304

The scep-url option is truncated to 64 characters, despite the maximum length being 255 characters.

688989

Two-factor authentication can be bypassed with some configurations.

VM

Bug ID

Description

592611

HA not fully failing over when using OCI.

Common Vulnerabilities and Exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID

CVE references

539962

FortiOS 6.0.13 is no longer vulnerable to the following CVE Reference:

  • CVE-2019-5591

677844

FortiOS 6.0.13 is no longer vulnerable to the following CVE Reference:

  • CVE-2021-26092

Resolved Issues

The following issues have been fixed in version 6.0.13. For inquires about a particular bug, please contact Customer Service & Support.

Firewall

Bug ID

Description

591731

Cannot reorder shaping policy via GUI or CLI (FG-100F).

539530

Session spike after changing firewall settings.

644225

Challenge ACK is being dropped.

SSL VPN

Bug ID

Description

610995

SSL VPN web mode gets error when accessing internal website at https://st***.st***.ca/.

616879

Traffic cannot pass through FortiGate in SSL VPN web mode if the user is a PKI peer.

662042

The https://outlook.office365.com and https://login.microsoft.com websites cannot be accessed in the SSL VPN web portal.

673017

The traffic for a PKI user cannot pass through SSL VPN.

681413

SSL VPN Proxy Error seen while accessing the bookmark in SSL VPN web mode using client certificate and realm.

System

Bug ID

Description

671982

DoS policy is causing traffic to drop.

680881

Rebooting device causes interface mode to change from static to DHCP.

692943

If an updated FFDB package is found, crash may happen at init_ffdb_map if it is called when ffdb_map or ffdb_app is already in the process of being parsed, especially in HA.

695803

Unable to reorder firewall DoS policy in GUI or CLI.

User & Device

Bug ID

Description

615513, 697304

The scep-url option is truncated to 64 characters, despite the maximum length being 255 characters.

688989

Two-factor authentication can be bypassed with some configurations.

VM

Bug ID

Description

592611

HA not fully failing over when using OCI.

Common Vulnerabilities and Exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID

CVE references

539962

FortiOS 6.0.13 is no longer vulnerable to the following CVE Reference:

  • CVE-2019-5591

677844

FortiOS 6.0.13 is no longer vulnerable to the following CVE Reference:

  • CVE-2021-26092