Cisco Releases Security Updates
by CIRT Team
Description: Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The following products are covered by the updates :
- Cisco WebEx Clients Remote Code Execution Vulnerability cisco-sa-20180418-wbs(link is external)
- Cisco UCS Director Virtual Machine Information Disclosure Vulnerability for End User Portal cisco-sa-20180418-uscd(link is external)
- Cisco StarOS Interface Forwarding Denial of Service Vulnerability cisco-sa-20180418-staros(link is external)
- Cisco IOS XR Software UDP Broadcast Forwarding Denial of Service Vulnerability cisco-sa-20180418-iosxr(link is external)
- Cisco Firepower Detection Engine Secure Sockets Layer Denial of Service Vulnerability cisco-sa-20180418-fpsnort(link is external)
- Cisco Firepower 2100 Series Security Appliances IP Fragmentation Denial of Service Vulnerability cisco-sa-20180418-fp2100(link is external)
- Cisco ASA Software, FTD Software, and AnyConnect Secure Mobility Client SAML Authentication Session Fixation Vulnerability cisco-sa-20180418-asaanyconnect(link is external)
- Cisco Adaptive Security Appliance Application Layer Protocol Inspection Denial of Service Vulnerabilities cisco-sa-20180418-asa_inspect(link is external)
- Cisco Adaptive Security Appliance TLS Denial of Service Vulnerability cisco-sa-20180418-asa3(link is external)
- Cisco Adaptive Security Appliance Flow Creation Denial of Service Vulnerability cisco-sa-20180418-asa2(link is external)
- Cisco Adaptive Security Appliance Virtual Private Network SSL Client Certificate Bypass Vulnerability cisco-sa-20180418-asa1
Impact: An attacker could exploit this vulnerability to take control of an affected system.
Mitigation: Apply an update. Please see the references or vendor advisory for more information above in the product description.