How to create healthy organizations — and why you want to
http://news.poseidon-us.com/TPFWXQ
http://news.poseidon-us.com/TPFWXQ
http://news.poseidon-us.com/TPFWXQ
How to create healthy organizations — and why you want to
http://news.poseidon-us.com/TPFVwH
Federal workers question whether the longest government shutdown was worth their sacrifice
http://news.poseidon-us.com/TPFVtV
C-suite leaders break their own AI rules
Most business leaders are using unapproved tools regardless of compliance requirements, according to a Nitro report.http://news.poseidon-us.com/TPFVf3
How to Write a Stakeholder Communication Plan: Example & Template
http://news.poseidon-us.com/TPFThw
Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability
A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-open-redirect-3W5Bk3Je Security Impact Rating: Medium CVE: CVE-2025-20355http://news.poseidon-us.com/TPFSp8
Cisco Catalyst Center Privilege Escalation Vulnerability
A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to improper role-based access control (RBAC). An attacker could exploit this vulnerability by logging in to an affected system and modifying certain policy configurations. A successful exploit could allow the attacker to modify policy configurations that are reserved for the Administrator role. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-privesc-catc-rYjReeLU Security Impact Rating: Medium CVE: CVE-2025-20346http://news.poseidon-us.com/TPFSnz
Cisco Catalyst Center Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-xss-weXtVZ59 Security Impact Rating: Medium CVE: CVE-2025-20353http://news.poseidon-us.com/TPFSns
Cisco Catalyst Center REST API Command Injection Vulnerability
A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to inject arbitrary commands that would then be executed in a restricted container with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ci-ZWLQVSwT Security Impact Rating: Medium CVE: CVE-2025-20349http://news.poseidon-us.com/TPFSnW
Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability
A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system. A successful exploit could allow the attacker to perform unauthorized modifications to the system, including creating new user accounts or elevating their own privileges on an affected system. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-priv-esc-VS8EeCuX Security Impact Rating: High CVE: CVE-2025-20341http://news.poseidon-us.com/TPFSlh