Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Resolved Issues

This section lists the resolved issues of this release, but is not a complete list. For inquires about a particular bug, please contact Fortinet Customer Service & Support.

Bug ID

Description

0735383 Report pages become unavailable after upgrading to FortiWAN 4.5.9.
Common Vulnerabilities and Exposures

FortiWAN 4.5.9 is no longer vulnerable to the CVE-References in the below table.

For more information, visit https://www.fortiguard.com/psirt.

Bug ID

Description

0769987 CVE-2021-41184, CVE-2021-41183, CVE-2021-41182
0758509 CVE-2021-25219
0757445 CVE-2021-21703
0744294 CWE-788: Access of Memory Location After End of Buffer

0722570

CWE-79: Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting")

0720032/ 0720031/ 0720030/ 0720029/ 0719701/ 0718189/ 0717225/ 0715967

CWE-121: Stack-based Buffer Overflow

0719675/ 0718490/ 0718187/ 0714980

CWE-78: Improper Neutralization of Special Elements used in an OS Command ("OS Command Injection")

0718186

CWE-327: Use of a Broken or Risky Cryptographic Algorithm

0716614/ 0714977

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ("SQL Injection")

0715949

CWE-760: Use of a One-Way Hash with a Predictable Salt

Resolved Issues

This section lists the resolved issues of this release, but is not a complete list. For inquires about a particular bug, please contact Fortinet Customer Service & Support.

Bug ID

Description

0735383 Report pages become unavailable after upgrading to FortiWAN 4.5.9.
Common Vulnerabilities and Exposures

FortiWAN 4.5.9 is no longer vulnerable to the CVE-References in the below table.

For more information, visit https://www.fortiguard.com/psirt.

Bug ID

Description

0769987 CVE-2021-41184, CVE-2021-41183, CVE-2021-41182
0758509 CVE-2021-25219
0757445 CVE-2021-21703
0744294 CWE-788: Access of Memory Location After End of Buffer

0722570

CWE-79: Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting")

0720032/ 0720031/ 0720030/ 0720029/ 0719701/ 0718189/ 0717225/ 0715967

CWE-121: Stack-based Buffer Overflow

0719675/ 0718490/ 0718187/ 0714980

CWE-78: Improper Neutralization of Special Elements used in an OS Command ("OS Command Injection")

0718186

CWE-327: Use of a Broken or Risky Cryptographic Algorithm

0716614/ 0714977

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ("SQL Injection")

0715949

CWE-760: Use of a One-Way Hash with a Predictable Salt