Core issue
This problem occurs when users share an Access Control List (ACL) with a Network Address Translation (NAT) policy. That is, the same ACL is used more than once in the Command Line Interface (CLI) NAT.
For example:
nat (inside) 1 access-list
nat (dmz) 1 access-list
This issue is documented in Cisco bug ID CSCsd98278.
Resolution
As a workaround, make copies of the ACL so it is no longer shared.
For example:
access-list < mypool1> ...
access-list ...
global (outside) 1 10.1.1.1
nat (inside) 1 access-list
nat (dmz) 1 access-list