NCSC Cyber Security Advisory CSA-001-16

Cisco announced on January 29 and February 10, 2016, two vulnerabilities ranked respectively as High and Critical. These vulnerabilities effect certain equipment running Cisco ASA software and Open SSL. The critical vulnerability has the potential to allow remote code execution and the high vulnerability enables man-in-the-middle attack on an SSL/TLS connection. Cisco has released patches and NCSC recommends vulnerable devices be updated as soon as possible. 

Refer to the below link of the full report https://tools.cisco.com/security/center/publicationListing.x