Cisco Releases Security Updates

Description: Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The following products are covered by the updates :

• Cisco WebEx Clients Remote Code Execution Vulnerability cisco-sa-20180418-wbs(link is external)
• Cisco UCS Director Virtual Machine Information Disclosure Vulnerability for End User Portal cisco-sa-20180418-uscd(link is external)
• Cisco StarOS Interface Forwarding Denial of Service Vulnerability cisco-sa-20180418-staros(link is external)
• Cisco IOS XR Software UDP Broadcast Forwarding Denial of Service Vulnerability cisco-sa-20180418-iosxr(link is external)
• Cisco Firepower Detection Engine Secure Sockets Layer Denial of Service Vulnerability cisco-sa-20180418-fpsnort(link is external)
• Cisco Firepower 2100 Series Security Appliances IP Fragmentation Denial of Service Vulnerability cisco-sa-20180418-fp2100(link is external)
• Cisco ASA Software, FTD Software, and AnyConnect Secure Mobility Client SAML Authentication Session Fixation Vulnerability cisco-sa-20180418-asaanyconnect(link is external)
• Cisco Adaptive Security Appliance Application Layer Protocol Inspection Denial of Service Vulnerabilities cisco-sa-20180418-asa_inspect(link is external)
• Cisco Adaptive Security Appliance TLS Denial of Service Vulnerability cisco-sa-20180418-asa3(link is external)
• Cisco Adaptive Security Appliance Flow Creation Denial of Service Vulnerability cisco-sa-20180418-asa2(link is external)
• Cisco Adaptive Security Appliance Virtual Private Network SSL Client Certificate Bypass Vulnerability cisco-sa-20180418-asa1

Impact: An attacker could exploit this vulnerability to take control of an affected system.

Mitigation: Apply an update. Please see the references or vendor advisory for more information above in the product description.