Fixed issues
Issues resolved in 18.0 MR4 build 506:
- NC-59149 [API framework] CSC stops responding since all 16 workers remain busy.
- NC-50703 [Authentication] Access server restarted with coredump using STAS and Chrome SSO.
- NC-54576 [Authentication] Sophos Connect client connections exhaust the virtual IP pool.
- NC-57273 [Authentication] Need to create users for RADIUS in UPN format.
- NC-59129 [Authentication] Authentication fails due to SSL VPN (MAC BINDING). Logging doesn't carry any information for the cause.
- NC-61017 [AWS] AWS: TX-DRP increases constantly and affects production traffic.
- NC-59574 [Base System (deprecated)] Sometimes hotfix timer is deleted.
- NC-58587 [Clientless Access] Clientless access service crashes.
- NC-59411 [DNS] Unable to add underscore character in DNS host entry.
- NC-54604 [Email] POPs/IMAPs (warren) dropping connection due to SSL cache error.
- NC-59897 [Email] Specific inbound mail not being scanned for malware.
- NC-60858 [Email] PDF attachment in inbound email got stripped by email protection.
- NC-63870 [Email] Firewall creates infinite connections to itself on Port 25.
- NC-59406 [Firewall] Kernel crashed due to conntrack loop.
- NC-59809 [Firewall] Loopback rule not hit when created using server access assistance (DNAT) wizard and WAN interface configured with network rather than host.
- NC-59929 [Firewall] Firewall rules not visible on GUI. Page stuck on loading.
- NC-60078 [Firewall] WAF: Certificate can't be edited for API XML import.
- NC-61226 [Firewall] Different destination IP address is shown in log viewer for Allow and Drop firewall rule when DNAT is on.
- NC-61250 [Firewall] Memory leak (snort) on XG 430 rev. 2 running SFOS v18.
- NC-61282 [Firewall, HA] Failed to enable HA when a new XG Firewall replaces an existing XG Firewall.
- NC-62001 [Firewall] Kernel panic on XG 550.
- NC-62196 [Firewall] Policy test for firewall, SSL/TLS and web with day doesn't match schedule rule.
- NC-63429 [Firewall] Kernel stack is corrupted in bitmap hostset netlink dump.
- NC-65492 [Firewall] User isn't able to generate access code for policy override.
- NC-59747 [Firmware Management] Upgrade to 18.0 SR4 failed on Azure.
- NC-58618 [FQDN] [coredump] fqdnd in Version 18.0.2.
- NC-62868 [HA] HA - Certificate sync fails in auxiliary device.
- NC-64269 [HA] IPv6 MAC-based rule not working when traffic is load balanced to the auxiliary device.
- NC-64907 [HA] Auxiliary appliance crashes when broadcast packet is generated from it.
- NC-65158 [Hotspot] Voucher export shows encrypted PSKs with secure storage master key.
- NC-57661 [IPS-DAQ-NSE] [NEMSPR-98] Browser "insecure connection" message when NSE is on but not decrypting.
- NC-58391 [IPS-DAQ-NSE] TLS inspection causing trouble with incoming traffic.
- NC-61498 [IPS-DAQ-NSE] Symantec endpoint updates URL failed when DPI interferes.
- NC-63242 [IPS-DAQ-NSE] SSL/TLS inspection causing outbound traffic issues with Veeam backups.
- NC-59774 [IPsec] Charon shows dead status.
- NC-59775 [IPsec] Sporadic connection interruption to local XG Firewall after IPsec rekeying.
- NC-60361 [IPsec] Incorrect IKE_SA proposal combination being sent intermittently by XG Firewall during IKE_SA rekeying.
- NC-61092 [IPsec] Strongswan not creating default route in table 220.
- NC-62749 [IPsec] Responder not accepting SPI values after its ISP disconnects.
- NC-61101 [L2TP] Symlink not created for L2TP remote access.
- NC-62729 [L2TP] L2TP connection on alias interface not working since update to 18.0.
- NC-59563 [Licensing] Apostrophe in email address prevents the "Administration" menu from loading.
- NC-63117 [Logging Framework] Garner is core-dumping frequently.
- NC-61535 [Network Utils] Diagnostics, tools, ping utility not working with PPPoE interface.
- NC-62654 [nSXLd] NSXLD Coredump caused the device not to respond.
- NC-59724 [RED] Backup from 17.5 MR10 doesn't restore on 18.0.
- NC-60081 [RED] Unable to specify username and password when using GSM 3G/UMTS failover.
- NC-60158 [RED] FQDN host group appearing in RED standard-split network configuration.
- NC-60854 [RED] RED S2S tunnel static routes disappear on firmware update.
- NC-63803 [RED] FailSafe mode after backup restore. Unable to start RED service.
- NC-55003 [Reporting] Keyword search engine report not working.
- NC-59106 [Reporting] Security Audit Report (SAR) missing information under "Number of attacks by severity level".
- NC-60430 [Reporting] XG Firewall sends duplicate copies of schedule executive report.
- NC-60851 [Reporting] Scheduled reports aren't sent.
- NC-62804 [SecurityHeartbeat] Registration to central security heartbeat doesn't work through upstream proxy.
- NC-62182 [SFM-SCFM] Administrator unable to change password of 18.0 device from SFM/CFM.
- NC-61313 [SNMP] Memory utilization mismatch between UI and atop/SNMP.
- NC-64454 [SNMP] XG 86: /tmp partition becomes 100 per cent full due to snmpd logs.
- NC-53896 [SSLVPN] Enforce TLS 1.2 on SSL VPN connections.
- NC-60302 [SSLVPN] All the SSL VPN live connected users get disconnected when administrator changes the group of a single SSL VPN connected user.
- NC-60184 [UI Framework] Missing HTTP security headers for HSTS and CSP.
- NC-61206 [Up2Date Client] Firewall fails to fetch hotfixes and ppatterns: File /conf/certificate/u2dclient.pem missing.
- NC-62689 [VFP-Firewall] When FastPath (firewall-acceleration) is on, traceroute shows time-out on the XG Firewall hop.
- NC-63783 [VFP-Firewall] Unable to start IPS.
- NC-64470 [VFP-Firewall] Auto reboot/nmi_cpu_backtrace due to VFP. Turning off firewall acceleration fixed the issue.
- NC-63058 [VirtualAppliance] Incorrect virtual XG Firewall model name appears in GUI and CLI.
- NC-47994 [Web] Pattern updates for SAVI and AVIRA are failing.
- NC-54173 [Web] URL Group: Add URL control fails when there's leading or trailing white space.
- NC-51888 [WebInSnort] IPP/AirPrint not accessible after upgrade of software appliance firmware to 18.0 EAP1.
- NC-54978 [WebInSnort] When an HTTPS connection isn't decrypted, reports show a hit to the site but no bytes are sent or received.
- NC-62448 [WebInSnort] Core dump on Snort.
- NC-63515 [WebInSnort] NSE: Unsupported EC type with application control and web policy.
- NC-64875 [WebInSnort] HTTP pipelining errors in DPI mode with non-pipelined traffic.
- NC-60615 [Firmware] Ambiguous alert shown during firmware upgrade to 18.0 MR1 for HA.
- NC-59809 [NAT] Loopback rule created using server access assistant and WAN interface configured with network not matched.
- NC-61507 and NC-52716 [Route-based VPN] XFRM traffic dropped when there's a NAT MASQ rule on the listening interface.
Issues resolved in 18.0 MR3 build 457:
- NC-58229 [Authentication] Failing Sophos AV and Avira AV pattern updates.
- NC-51876 [Core Utils] Weak SSHv2 key exchange algorithms.
- NC-58144 [DNS] XG Firewall reporting its own lookups in ATP causing a flood of events.
- NC-54542 [Email] Email banner added to incoming emails.
- NC-59396 [Email] Blocked senders able to send emails.
- NC-58159 [Firewall] Unable to ping external IP addresses from the auxiliary appliance console.
- NC-58356 [Firewall] Direct proxy traffic doesn't work when RBVPN is configured.
- NC-58402 [Firewall] Firewall restarts randomly.
- NC-59399 [Firewall] ERROR(0x03): Failed to migrate configuration. Loading the default configuration.
- NC-60713 [Firewall] User portal hotspot voucher configuration times out.
- NC-60848 [Firewall] HA cluster: Both devices restart unexpectedly.
- NC-59063 [Firmware Management] Remove expired CAs from SFOS.
- NC-44455 [HA] System-originated traffic not flowing from the auxiliary device when SNAT policy is configured for system-originated traffic.
- NC-62850 [HA] Filesystem anomaly in /conf.
- NC-58295 [IPsec] Dropped due to TLS engine error: STREAM_INTERFACE_ERROR.
- NC-58416 [IPsec] IKE SA re-keying doesn't re-initiate itself after re-transmission time-out of 5 attempts.
- NC-58499 [IPsec] Sophos Connect client "IP is supposed to be added in the ##ALL_IPSEC_RW".
- NC-58687 [IPsec] IPsec tunnel not re-initiated after PPPoE reconnect.
- NC-58075 [Netflow/IPFIX] Netflow data not sending interface ID.
- NC-55698 [nSXLd] Unable to add new domain in custom category.
- NC-62029 [PPPoE] PPPoE link doesn't reconnect after disconnecting.
- NC-57819 [RED] XG Site-to-site RED tunnel disconnects randomly with 17.5.MR10 and 18.0.
- NC-60240 [RED] Interfaces page is blank after adding SD-RED 60 with PoE selected.
- NC-61509 [RED] RCA site-to-site RED tunnel static routes disappear with firewall update.
- NC-59204 [SFM-SCFM] Task queue pending but never applies with XG 86W appliance.
- NC-60599 [SFM-SCFM] Task queue pending but never applies because of improper encoding.
- NC-62304 [SFM-SCFM] Notification email sent from XG Firewall shows the wrong Sophos Central administrator.
- NC-61956 [UI Framework] Web admin console and user portal not accessible because of space issue in certificate name.
- NC-62218 [UI Framework] Post-auth command injection through the user portal 1/2 (CVE-2020-17352).
- NC-62222 [UI Framework] Post-auth command injection through the user portal 2/2 (CVE-2020-17352).
- NC-58960 [Up2Date Client] HA: IPS service observed DEAD.
- NC-59064 [Web] Appliance becomes unresponsive: awarrenhttp high memory consumption.
- NC-60719 [WebInSnort] DPI engine intermittently causing website to load slowly.
- NC-61367 [CAPTCHA] CAPTCHA issue for IPv6 on LAN zone is resolved.
- NC-58463 [Sandbox]: Firewall changes data centers losing job results.
Issues resolved in 18.0 MR1 build 396:
- NC-30903 [Authentication] STAS configuration can be edited through the GUI on AUX machine.
- NC-50703 [Authentication] Access server restarted with coredump using STAS and Chrome SSO.
- NC-50716 [Authentication] Cannot import LDAP server through the XMLAPI if client certificate is "None".
- NC-54689 [Authentication] Support download certificate for iOS 13 and above.
- NC-55277 [Authentication] Service "Chromebook SSO" is missing on Zone page.
- NC-51660 [Backup-Restore] Restore failed using a backup of XG135 on SG230 appliance.
- NC-55015 [Bridge] Wi-Fi zone is not displayed while creating bridge.
- NC-55356 [Bridge] TCP connection fails for VLAN on bridge with HA Active-Active when source_client IP address is odd.
- NC-52616 [Certificates] Add support for uploading of CRLs in DER format.
- NC-55739 [Certificates] EC certificate shows up as "RSA" in SSLx CA certificate drop-down list.
- NC-55305 [CM (Zero Touch)] System doesn't restart on changing time zone when configured through ZeroTouch.
- NC-55617 [CM (Zero Touch)] Wrong error message in log viewer after ZeroTouch process.
- NC-55909 [Core Utils] Unable to see application object page on SFM.
- NC-30452 [CSC] Dynamic interface addresses not showing on AUX after failover.
- NC-55386 [Dynamic Routing (PIM)] PIM-SM import fails with LAG as dependent entity.
- NC-55625 [Dynamic Routing (PIM)] In HA with multicast interface, routes are not getting updated in the AUX routing table.
- NC-55461 [Email] After adding or editing FQDN host with smarthost, it is not displayed on the list until the page is refreshed.
- NC-58898 [Email] Potential RCE through heap overflow in awarrensmtp (CVE-2020-11503).
- NC-55635 [Firewall] Display filter for forwarded traffic is not working properly on packet capture page.
- NC-55657 [Firewall] HA backup restore fails when port name is different in backup and appliance.
- NC-55884 [Firewall] IPS policy ID and appfilter ID not displaying in firewall allow log in the log viewer.
- NC-55943 [Firewall] Failed to resume existing connection after removal of heartbeat from firewall configuration.
- NC-57084 [Firewall] Custom DMZ not listed in dedicated link HA configuration.
- NC-44938 [Firmware Management, UX] Web UI does not show reasons for firmware upload failure.
- NC-55756 [Gateway Management] Gateway isn't deleted from SFM UI after being deleted from SFM.
- NC-55552 [HA] WWAN interface showing in HA monitoring ports.
- NC-55281 [Import-Export Framework] Full configuration import fails when using third-party certificate for webadmin setting.
- NC-55171 [Interface Management] VLAN Interface IP is not assigned via DHCP when gateway name uses some special characters.
- NC-55442 [Interface Management] DNS name lookup showing incorrect message.
- NC-55462 [Interface Management] Import fails on configuring Alias over VLAN.
- NC-55659 [Interface Management] Invalid gateway IP and network IP configured using API for IPv6.
- NC-56733 [Interface Management] Patch PPPd (CVE-2020-8597).
- NC-51776 [IPS Engine] Edit IPS custom rule protocol doesn't work after creation.
- NC-51558 [IPsec] Add warning message before deleting xfrm IPsec tunnel.
- NC-55309 [Logging] Local ACL rule not created through log viewer for IPv4 and IPv6.
- NC-50413 [Logging Framework] Gateway up event log for PPPoE interface not always shown in the log viewer.
- NC-55346 [Logging Framework] Clear All for "Content filtering" does not clear SSL/TLS filter option.
- NC-56831 [Policy Routing] SIP traffic doesn't work at times with SD-WAN policy route.
- NC-46009 [SecurityHeartbeat] Spontaneous reconnect of many endpoints.
- NC-51562 [SecurityHeartbeat] Heartbeat service not started after HA failover.
- NC-52225 [Synchronized App Control] SAC page loading issues as the list of apps increases.
- NC-54078 [UI Framework] Internet Explorer UI issue on certain rules and policies pages.
- NC-56821 [Up2Date Client] SSL VPN downloading with 0 KB.
- NC-54007 [Web] File type block messages sometimes contain mimetype rather than file type.
- NC-60108 [API Framework] Pre-auth SQLi in API interface OPCODE.
- NC-59156 [CSC] Traffic not passing after upgrade to SF 18.0 MR1.
- NC-59300 [Email] Blind pre-auth SQLi in spxd on port 8094.
- NC-23160 [Firewall] LAN test failed in Port3 in SFLoader for 125/135 desktop model.
- NC-59586 [Network Utils] Remove MD5 remnant.
- NC-46109 [RED] No proper forwarding if bridging 3 or more RED site-to-site tunnels on XG Firewall.
- NC-50796 [RED] All RED site-to-site tunnels restart when configuring one RED interface.
- NC-60162 [Reporting] Error 500 displayed for web admin console and user portal after HF4.1 applied on virtual XG Firewall.
- NC-60171 [Security, UI Framework] Admin to super admin privilege escalation.
- NC-59427 [SFM-SCFM] SQLi in user portal.
- NC-59932 [UI Framework] Unable to sign in to the user portal or web admin console using IE after HF4.1.
Issues resolved in build 379:
- NC-59408 [API Framework, UI Framework] SQLi prevention in hybrid request - ORM fields and mode parameters (CVE-2020-12271).
- NC-58898 [Email] Potential RCE through heap overflow in awarrensmtp (CVE-2020-11503).
- NC-59300 [Email] Blind pre-auth SQLi in spxd on port 8094.
- NC-59454 [UI Framework] Enable apache access logs.
Issues resolved in build 354:
- NC-57910 [Base System (deprecated)] Unable to upgrade from 17.5 MR9 to 18.0 GA.
- NC-56732 [Firewall] Kernel panic after update to 18.0 GA due to SSLVPN.
- NC-57067 [IPsec] Sophos Connect lease doesn't support more than 255 IP addresses in the address range.
Issues resolved in build 339:
- NC-54339 [Config Migration Framework] 17.5 MR10 to 18.0 GA migration support
- NC-56550 [Policy Routing] SD-WAN policy routing screen smudge with blue strip
- NC-56201 [RED] Backup/Restore failure from 17.5 MR9 to 18.0 with specific RED configuration
- NC-56397 [Web] Certificate error received by the user
Issues resolved in build 321:
- NC-33664 [App Signature] Unable to block Psiphon
- NC-42675 [Authentication] access_server returns 'Login Failed' if two awarrenhttp threads call in at same time
- NC-44686 [Authentication] Import/export of AUTHCTA has missing and incorrect values
- NC-48116 [Authentication] Importing users via csv file with special character in password fails
- NC-50521 [Authentication] User group assignment issue with LDAP users
- NC-54642 [Authentication] Authentication not working due to high CPU utilization of access_server
- NC-50136 [Backup-Restore] ISP failover for 2 PPPoE connections is not working for local LAN systems
- NC-51979 [Backup-Restore] Can't reflect time zone from restoring backup file after factory resetting
- NC-32336 [Base System] gpg vulnerability (CVE-2018-12020)
- NC-42490 [Base System] Validation function for legacy objects does not get called
- NC-55640 [Bridge] Firewall rule id not matching if traffic is going into wifi interface
- NC-45935 [Certificates] Fingerprint not updated on Default CA regenerate event
- NC-49023 [Certificates] Webproxy signing with non default certificate when using HTTPS Scanning
- NC-54562 [Certificates] CAs are missing after update from v18 EAP2 to EAP3
- NC-29869 [Clientless Access(HTTP/HTTPS)] "Internal Server Error" after adding many VPN bookmarks
- NC-48516 [Config Migration Framework] Configuration migration log on console is wrong in case of failed migration
- NC-55270 [Config Migration Framework] Report migration failed
- NC-49648 [CSC] API Get BridgePair requests sometimes report incorrectly "No. of records Zero."
- NC-52857 [CSC] One time scheduler doesn't work as expected in case of DST
- NC-51717 [DDNS, Email] DDNS uses wrong IP when interface is configured with PPPoE + Alias
- NC-38763 [DHCP] IP not leased to DHCP only interface when update from stateless
- NC-38795 [DHCP] IPv6 not removed from DB while disable DHCPv6 manage flags from RA server
- NC-38930 [DHCP] Editing DHCPv6 interface with auto configuration does not get IP from DHCPv6 server
- NC-39157 [DHCP] DHCPv6 client option "Accept other configuration from DHCP" is not working
- NC-50214 [DHCP] DHCP server dead with specific configuration
- NC-51957 [Documentation] Showing fastpath load failed with command "console> system firewall-acceleration show"
- NC-48712 [Email] Antivirus service in stopped state, cannot recover it
- NC-51340 [Email] Mailscanner child process causing OOM events when editing blocked senders list
- NC-51347 [Email] Error message "undefined" received when trying to add host
- NC-51883 [Email] API error 599 when performing GetRequest for various email modules
- NC-52212 [Email] Reject/Drop action not work correctly for oversized mails
- NC-53016 [Email] Email Blocked Senders cannot be updated
- NC-55138 [Email] SAVI AV update failed
- NC-22659 [Firewall] IPtable chains not created for firewall rule whose name contains blackslash '\\\\\'
- NC-30482 [Firewall] DNAT rules stop working after every reboot when migrating from UTM to SFOS
- NC-36616 [Firewall] Firewall group not available in APIhelpdoc
- NC-37775 [Firewall] Configuring over 20 time schedulers on the various firewall rules is causing CSC freeze
- NC-43017 [Firewall] Full config export does not include Security Policy group
- NC-43415 [Firewall] In the firewall rule, types of services are not translated
- NC-48803 [Firewall] Virtual Host update is calling on every FQDN IP update even its not used in virtual host configuration
- NC-49101 [Firewall] Group description delete issue in firewall
- NC-49678 [Firewall] Default ICMP service not matching in policy test tool
- NC-50222 [Firewall] Firewall rule position display is incorrect on rule deletion
- NC-50549 [Firewall] Drop packet does not show all the information for firewall rule ID 0 drop compare to v17.5
- NC-50712 [Firewall] NAT rules UI error
- NC-50949 [Firewall] Wrong ARP behavior in relation to DNAT rules
- NC-51867 [Firewall] Denied firewall logs send to garner for allowed firewall rule even if logging is disabled
- NC-51964 [Firewall] DNAT rule stopped working after every reboot
- NC-52395 [Firewall] Getting wrong username in admin event for firewall rule group name update
- NC-52429 [Firewall] Web access lost for 10+ minutes after HA fail-over
- NC-52638 [Firewall] WAF is not able to connect to webserver via IPsec tunnel
- NC-52662 [Firewall] Continuous receiving 'fw_fp_invalidate_microflows:459: Queueing invalidate work ffff8801ed1bb5c0' error in syslog
- NC-52853 [Firewall] Observed feedback channel plugin of garner core dump on XG330
- NC-52873 [Firewall] Kernel warning message 'RIP: 0010:tcp_send_loss_probe+0x13f/0x1c0' observed in syslog
- NC-53364 [Firewall] Firewall rules are not getting created correctly using XML API
- NC-53988 [Firewall] Kernel panic on XG450 appliance
- NC-54038 [Firewall] Wrong notification message displayed after disabling firewall rule
- NC-55261 [Firewall] Appliance crashing with Kernel Panic
- NC-55789 [Firewall] Ipuser ipset dumps when user is authenticated via STAS
- NC-47482 [Firmware Management] Firmware mismatch issue - both firmware slots showing same firmware
- NC-52441 [Firmware Management] Some time firmware 'install' opcode getting timeout and installation failed
- NC-38800 [HA] Incorrect error message when configure HA A-A with DHCP interface
- NC-39015 [HA] Unable to configure peer administration port for HA A-P when one of IP family of the interface is Dynamic IP assignment
- NC-30485 [Import-Export Framework] Export full configuration some time fails with error - 'The request could not be completed'
- NC-39229 [Interface Management] XG unsynced with SFM when unbind any interface from SFM
- NC-46514 [Interface Management] Cyberoam backup restore fails when DHCPv6 interface configured
- NC-48450 [Interface Management] Table for interface widget is not visible in control center page
- NC-49938 [Interface Management] Some time traffic drop in bridge mode
- NC-48956 [IPS Engine] Modify IPS TCP Anomaly Detection setting to disabled in default setting
- NC-53875 [IPS Engine] IPS keeps getting started because of page allocation failure
- NC-51568 [IPS-DAQ] Coredump in snort
- NC-52085 [IPS-DAQ] Wget not working for IPv6 sites in bridge mode - SSL decrypt not working
- NC-53363 [IPS-DAQ] Internet traffic hang and all traffic dropped
- NC-52641 [IPS-DAQ-NSE] IPS Service DEAD
- NC-54310 [IPS-DAQ-NSE] CC terminals not establish a connection with server
- NC-29370 [IPsec] Tunnel is getting established even though PFS is disabled on the VPN client side and enabled in SFOS IPsec profile
- NC-49919 [IPsec] Dgd service stopped and unable to start
- NC-33848 [LAG] LAG advanced options not working when LAG is member of Bridge
- NC-40683 [LAG] LAG active mode import-export is not working
- NC-52090 [Logging] LogViewer: "Action is not Allowed" filtering not working in detailed view
- NC-52762 [Logging] LogViewer: system mentioned in upper case
- NC-46114 [Logging Framework] Improper input validation and email notification after failed login (Webadmin, SSH, ...)
- NC-50127 [Logging Framework] Garner coredump in HA setup at handle_sync_input
- NC-51942 [Logging Framework] Policy Test Tool not working if firewall rule created with destination network as country or country group
- NC-37839 [nSXLd] Proxy authentication is not cleared after config reload
- NC-37841 [nSXLd] Keywords are not deleted when custom web category is deleted
- NC-54525 [RED] S2S RED tunnel doesn't established on SFOS after EAP2 to EAP3 upgrade
- NC-28022 [Reporting] Incomplete field names on data anonymization page
- NC-42864 [Reporting] Reports downloaded in PDF format have logo too close to the first line in most pages
- NC-43183 [Reporting] When data anonymization is enabled, scheduled reports are showing "Not available" instead of anonymized string
- NC-45154 [Reporting] Cannot specify hour and minute properly in Detailed Custom Reports
- NC-45236 [Reporting] Reports sent 1 hour later than scheduled
- NC-46178 [Reporting] "Web Risks & Usage Visibility" not showing any data
- NC-49273 [Reporting] Filtering on blocked user activities not working as expected
- NC-52120 [Reporting] Daily Reports are received but it delayed by different time
- NC-52125 [Reporting] UTQ user data is empty in SAR report but populated in GUI dashboard report
- NC-53072 [Reporting] Events reports (Admin, Authentication and System) are not generating due to db query for insert query getting failed
- NC-53369 [Reporting] Application Categories shown as "Unclassified"
- NC-54177 [Reporting] UTQ not generating due to change in web categories names
- NC-48718 [Service Object] Unable to edit service object that is assigned to a firewall rule
- NC-47585 [SFM-SCFM] Backedup 'central reporting' config is not maintained after Restoring config
- NC-53043 [SNMP] Wrong data is displayed in SNMP query for CPU usage
- NC-47348 [SSLVPN] LogViewer logs are not generated for ssl vpn connection up or down events
- NC-55228 [SSLVPN] Site2site - SSLVPN client in HA is not initiating connection after active node shut down
- NC-54150 [Static Routing] Data insertion is failing if large number of connections are present and Live Connection page is loaded
- NC-54314 [Static Routing] Negative value is displayed in upstream/downstream bandwidth column
- NC-51673 [UI Framework] User portal redirect loop when using non-standard port
- NC-55193 [VFP-Firewall] Port self test reboots appliance - V18 fastpath
- NC-23045 [WAF] WAF - Increase default TLS version to v1.2
- NC-51952 [WAF] WAF firewall rule update failed after migration from 17.5 MR8 to 18.0 EAP1
- NC-55034 [WAF] Web server timeout of 0 leads to syntax error in reverseproxy.conf
- NC-51156 [Web] Dynamic app filter rules which do not contain any applications is enforced for all applications in WIS
- NC-53402 [Web] Appliance auto reboot due to OOM (out of memory)
- NC-53709 [Web] Tiktok video not working with plain firewall rule with SSL/TLS enabled
- NC-54421 [Web] SSLx Exception based on SAC does not work
- NC-44346 [WWAN] Celullar WAN does not takeover again on failover