Resolved Issues
The following issues have been fixed in 6.2.1. For inquires about a particular bug, please contact Customer Service & Support.
Bug ID |
Description |
---|---|
460615 | FortiManager should adjust Radius configuration on SSID when renaming a Radius server. |
482441 | VPN Phase 2 Address Selector is not updated when Named Address is updated in Policy and Objects. |
500037 | FortiToken provision does not work. |
500922 | When renaming a local certificate in Device Manager, the related dynamic mapping is not updated. |
508020 | Web & IPS conflict information is not visible while importing Policy Package. |
513317 | FortiManager may fail to install policy after FortiGate failover on Azure. |
523208 | FortiManager may try to unset category for user device when installing policy package. |
523228 | Search in zone does not work after upgrade. |
524684 | API request returns all the devices even when the user does not have access to other ADOMs. |
529771 | Upgrading ADOM may be very timing consuming. |
531162 | FortiManager may try to push unexpected changes after ADOM upgrade. |
533603 | Policy hit count needs to support proxy policy. |
533835 | After upgrade, the URL, pm/pkg/adom/<adom_name>/<name>/scope member, returns the error: The data is invalid for selected url. |
534220 | Users cannot add entries for per device mapping with existing VIP group when a VIP binds to a port that is part of SD-WAN. |
534468 | Vulnerability scan should not disrupt HA or trigger re-synchronization. |
534847 | CLI Script fails to change config system auto-update schedule settings with invalid value error. |
535521 | Encrypt Log Transmission for FortiAnalyzer is not properly configured within Device Manager. |
536113 | AP Manager is still trying to 'unset wtp-mode remote' when the option is configured on FortiGate. |
538915 | Firmware version is not displayed on NOC - SOC page. |
538934 | When configuration file is large, installing to device may delete configuration on FortiGate. |
540657 | There is an ordering issue on admin users where multiple wildcard users are configured on the same server. |
540684 | Verification fails after moving VDOM across vclusters from FortiGate GUI followed by an auto-update. |
541157 | GUI should support proxy address. |
541880 | The dmserver daemon may crash when installing to multiple devices and CPU usage reaches 100%. |
542024 | 'Where Used' may not point to the entity using the object. |
543133 | Global user groups are not listed when creating an SSID in Per-Device AP management mode. |
543734 | Key Type specified as elliptic curve is not functional when generating a CSR. |
544121 | Installation log is missing due to dpm-logsize limited to 10 MB. |
544142 | Installation fails due to DNS server "SameasInterfaceIP" option inside device interface configuration. |
544580 | Two SSL-SSH profiles added by FortiManager may cause installation issues. |
544880 | FortiManager should not allow adding loopback interface to a zone. |
544886 | When importing device list of multiple model devices with PSKs, FortiManager prompts the error,"Serial number already in use". |
545143 | Adding wildcard FQDN for SSL inspection exemption list from FortiManager fails. |
546340 | If a script is used to update SNMP passwords with "?" character, the installation fails during validation. |
547361 | AP Profile in AP Manager offers redundant options for specific AP models which can lead to failed installation. |
548320 | User should be able to create a FortiGate admin account with Restricted Administrator to Guest Account Provisioning Only option selected with VDOM(s) guest group(s). |
548416 | Changes on Existing Static Route is not displayed on Installation Preview. |
549159 | FortiManager may have a memory leak when running copy & install with a sub-admin. |
549638 | MAC address Access Control List entries under DHCP server get duplicated when editing an entry. |
549647 | It is possible to cause a DoS for remote user authentication by trying to login with a password of specific length. |
550237 | Read-only admin should not be allowed to add detected devices. |
550239 | System SNMP user is missing the value 'aes256cisco' for the field 'priv-proto'. |
550240 | FortiGuard service event logs should always be generated with an internal FortiManager user. |
550502 | Installing DDoS policies via a CLI script may fail. |
551057 | FortiManager does not give an option to choose RSA4096 and Elliptic Curve algorithms in certificates. |
551072 | Assignment of 'object-tag' from 5.6 Global ADOM to 6.0 ADOM should not fail. |
551077 | FortiManager may not be able to import policies from FortiGate SLBC. |
551096 | FortiMeter Program License is expired and it is displayed as FREZ even though FortiGate Traffic is still passing. |
551392 | A failed retrieve operation may result in empty device configuration. |
551701 | FortiManager is unable to set OSPF Interface Network Type as P2MP. |
552069 | FortiManager may fail to install local certificate on FortiGate and private key is missing after saving the configuration. |
552192 | The fmgd daemon may crash after upgrading FortiManager. |
552991 | FortiManager prompts Runtime Error when trying to import an AP profile that has a SSID with space character. |
553491 | Enabling or disabling multiple interfaces should be allowed in Device Manager. |
553704 | FortiManager may be stuck at loading when using the "Find Duplicate Objects" function. |
554092 | FortiManager is unable to use interface member of a zone as Source Interface filter for VIP object. |
554094 | FortiManager may not be able to upgrade ADOM from 5.4 to 5.6 with the error, "Fail(errno=0):invalid value". |
554154 | FortiManager should be able to select multiple FortiExtenders for upgrade from the Extender Tab. |
554608 | FortiManager should be able to save longer description for SD-WAN template. |
554857 | Policy package does not go out-of-sync after VPN manager is enabled. |
555635 | Certificate is not visible on GUI after restoring the configuration which was exported from FortiManager. |
555796 | Installing policy on 6K series FortiGate may remove the interface setting "set forward-error-correction rs-fec". |
556609 | When user wants to move a policy package to a different folder, the pop-up window does not list folders in alphabetical order. |
557355 | FortiManager may not connect to Fortiguard when fds-ssl-protocol is set to either tlsv1.1 or tlsv1.2. |
558781 | GUI response is slow with a large numbers of address objects. |
559104 | Incorrect ADOM name may be displayed in where Used. |
559112 | FortiManager may not be able to edit a proxy policy that was inserted above or below. |
559751 | Duplicated ##seq appears in policy packages and they cannot be fixed with diagnose command. |
559844 | FortiManager may not be able to set client-idle-timeout to 0 in device database. |
560410 | FortiManager may not accept the Log FortiAnalyzer setting without FortiAnalyzer serial number. |
560694 | If hitcount is updated while ADOM is locked, policies matched by traffic are highlighted as modified. |
561033 | SD-WAN Bandwidth Overview widget may not display the correct data. |
561279 | The newcli process may crash when running the "diagnose cdb upgrade check +all" command. |
562160 | FortiManager should be able to create dynamic mapping for object-tagging category. |
563169 | When user changes webfilter settings, username in last modified column should always be updated. |
565016 | The exchange-interface-ip should be available in VPN Manager. |
565436 | After FortiManager processed many auto-update requests, FortiManager may not be able to create a new revision. |
565970 | One specific unused adgrp is getting pushed to FortiGate that does not use FSSO anywhere. |
566912 | FortiManager should support firmware upgrade for FortiExtender 200 series. |
Common Vulnerabilities and Exposures
Visit https://fortiguard.com/psirt for more information.
Vulnerability |
---|
FortiManager 6.2.1 is no longer vulnerable to the issue described in the following link - https://fortiguard.com/psirt/FG-IR-19-144. |
Bug ID | Description |
---|---|
542636 |
FortiManager 6.2.1 is no longer vulnerable to the following CVE Reference:
|