IRS close to getting new leader
http://news.poseidon-us.com/TL9QC5
http://news.poseidon-us.com/TL9QC5
http://news.poseidon-us.com/TL9QC5
IRS close to getting new leader
http://news.poseidon-us.com/TL9Q9h
What is VMware NSX? Definition, features and use cases
VMware NSX is a network virtualization feature that allows VMware Cloud Foundation (VCF) subscribers to replicate their entire network infrastructure with software.http://news.poseidon-us.com/TL9NLW
Forward Under Pressure: Practical paths to modern federal acquisition
http://news.poseidon-us.com/TL9LbS
Forward Under Pressure: Practical paths to modern federal acquisition
http://news.poseidon-us.com/TL9LNL
Cisco Customer Collaboration Platform Information Disclosure Vulnerability
A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform (CCP), formerly Cisco SocialMiner, could allow an unauthenticated, remote attacker to persuade users to disclose sensitive data. This vulnerability is due to improper sanitization of HTTP requests that are sent to the web-based chat interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the chat interface of a targeted user on a vulnerable server. A successful exploit could allow the attacker to redirect chat traffic to a server that is under their control, resulting in sensitive information being redirected to the attacker. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccp-info-disc-ZyGerQpd Security Impact Rating: Medium CVE: CVE-2025-20129http://news.poseidon-us.com/TL9JVk
Cisco Unified Communications Products Command Injection Vulnerability
A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vos-command-inject-65s2UCYy Security Impact Rating: Medium CVE: CVE-2025-20278http://news.poseidon-us.com/TL9JVf
Cisco Integrated Management Controller Privilege Escalation Vulnerability
A vulnerability in the SSH connection handling of Cisco Integrated Management Controller (IMC) for Cisco UCS B-Series, UCS C-Series, UCS S-Series, and UCS X-Series Servers could allow an authenticated, remote attacker to access internal services with elevated privileges. This vulnerability is due to insufficient restrictions on access to internal services. An attacker with a valid user account could exploit this vulnerability by using crafted syntax when connecting to the Cisco IMC of an affected device through SSH. A successful exploit could allow the attacker to access internal services with elevated privileges, which may allow unauthorized modifications to the system, including the possibility of creating new administrator accounts on the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability, but a mitigation is available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-ssh-priv-esc-2mZDtdjM Security Impact Rating: High CVE: CVE-2025-20261http://news.poseidon-us.com/TL9JVY
Cisco Unified Contact Center Express Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack or execute arbitrary code on an affected device. To exploit these vulnerabilities, the attacker must have valid administrative credentials. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-multi-UhOTvPGL Security Impact Rating: Medium CVE: CVE-2025-20276,CVE-2025-20277,CVE-2025-20279http://news.poseidon-us.com/TL9JVR
Cisco Unified Contact Center Express Editor Remote Code Execution Vulnerability
A vulnerability in the file opening process of Cisco Unified Contact Center Express (Unified CCX) Editor could allow an unauthenticated attacker to execute arbitrary code on an affected device. This vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by persuading an authenticated, local user to open a crafted .aef file. A successful exploit could allow the attacker to execute arbitrary code on the host that is running the editor application with the privileges of the user who launched it. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-editor-rce-ezyYZte8 Security Impact Rating: Medium CVE: CVE-2025-20275http://news.poseidon-us.com/TL9JVG