Cisco has released 7 security advisories fixing a number of vulnerabilities in several Cisco products. A remote attacker could exploit the vulnerabilities by sending a specially crafted SSL connection request or malicious packets to affected systems.
Depending on the vulnerability exploited, a successful attack could lead to denial of service (DoS) or SSL certificate verification bypass of an affected device.
Patches for affected systems are now available. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk. For detailed information of the available patches, please refer to the section "Fixed Software" of corresponding security advisory at vendor's website.
Users should contact their product support vendors for the fixes and assistance.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asaanyconnect
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fpsnort
https://www.hkcert.org/my_url/en/alert/18041902
https://www.us-cert.gov/ncas/current-activity/2018/04/18/Cisco-Releases-Security-Updates-Multiple-Products
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0227 (to CVE-2018-2231)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0233
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0240