Cisco Releases Security Updates

Archived Content

In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.

Cisco has released updates to address several high-impact vulnerabilities affecting multiple products. These and other lower-impact vulnerabilities are listed at Cisco Security Advisories and Alerts. A remote attacker could exploit one of the high-impact vulnerabilities to cause a denial-of-service condition.

Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates:

ASA Software DNS Denial-of-Service Vulnerability cisco-sa-20170419-asa-dns
ASA Software IPsec Denial-of-Service Vulnerability cisco-sa-20170419-asa-ipsec
ASA Software SSL/TLS Denial-of-Service Vulnerability cisco-sa-20170419-asa-tls
ASA Software Internet Key Exchange Version 1 XAUTH Denial-of-Service Vulnerability cisco-sa-20170419-asa-xauth
IOS and IOS XE Software EnergyWise Denial-of-Service Vulnerabilities cisco-sa-20170419-energywise
Firepower Detection Engine Pragmatic General Multicast Protocol Decoding Denial-of-Service Vulnerability cisco-sa-20170419-fpsnort
Unified Communications Manager Denial-of-Service Vulnerability cisco-sa-20170419-ucm

Archived Content

Cisco Releases Security Updates

JCDC Cultivates Pre-Ransomware Notification Capability

Cisco Releases Security Advisories for Multiple Products

CISA Releases Six Industrial Control Systems Advisories

Untitled Goose Tool Aids Hunt and Incident Response in Azure, Azure Active Directory, and Microsoft 365 Environments

Archived Content

Cisco Releases Security Updates

Related Advisories

JCDC Cultivates Pre-Ransomware Notification Capability

Cisco Releases Security Advisories for Multiple Products

CISA Releases Six Industrial Control Systems Advisories

Untitled Goose Tool Aids Hunt and Incident Response in Azure, Azure Active Directory, and Microsoft 365 Environments