433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Vulnerability

A vulnerability in the SSH implementation of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote attacker to impersonate Cisco NDFC-managed devices. This vulnerability is due to insufficient SSH host key validation. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections to Cisco NDFC-managed devices, which could allow an attacker to intercept this traffic. A successful exploit could allow the attacker to impersonate a managed device and capture user credentials. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-shkv-snQJtjrp Security Impact Rating: High CVE: CVE-2025-20163
http://news.poseidon-us.com/TL9JTm

Cisco Identity Services Engine Arbitrary File Upload Vulnerability

A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-P4M8vwXY Security Impact Rating: Medium CVE: CVE-2025-20130
http://news.poseidon-us.com/TL9JTW

Cisco Identity Services Engine on Cloud Platforms Static Credential Vulnerability

A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems. This vulnerability exists because credentials are improperly generated when Cisco ISE is being deployed on cloud platforms, resulting in different Cisco ISE deployments sharing the same credentials. These credentials are shared across multiple Cisco ISE deployments as long as the software release and cloud platform are the same. An attacker could exploit this vulnerability by extracting the user credentials from Cisco ISE that is deployed in the cloud and then using them to access Cisco ISE that is deployed in other cloud environments through unsecured ports. A successful exploit could allow the attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems. Note: If the Primary Administration node is deployed in the cloud, then Cisco ISE is affected by this vulnerability. If the Primary Administration node is on-premises, then it is not affected. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-aws-static-cred-FPMjUcm7 Security Impact Rating: Critical CVE: CVE-2025-20286
http://news.poseidon-us.com/TL9JT0

Cisco Unified Intelligent Contact Management Enterprise Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Intelligent Contact Management Enterprise could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco plans to release software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-icm-xss-cfcqhXAg Security Impact Rating: Medium CVE: CVE-2025-20273
http://news.poseidon-us.com/TL9JS9

VA plans to cut 1,000 IT positions, undoing Biden-era hiring surge

The VA would see a 4% spending increase under the FY 2026 budget proposal, but is looking to cut about 2,000 positions from the Veterans Benefits Administration The post VA plans to cut 1,000 IT positions, undoing Biden-era hiring surge first appeared on Federal News Network.
http://news.poseidon-us.com/TL9HR7

Attackers fake IT support calls to steal Salesforce data

Over the past several months, a threat group has been actively breaching organizations’ Salesforce instances and exfiltrating customer and business data, Google Threat Intelligence Group (GTIG) has warned. The attackers in question – currently tracked as UNC6040 – are masters at voice phishing (“vishing“): they are impersonating the organizations’ IT support personnel and manipulating employees into sharing credentials and connecting a malicious app to their organization’s Salesforce portal. The primary goal is the exfiltration of … More → The post Attackers fake IT support calls to steal Salesforce data appeared first on Help Net Security.
http://news.poseidon-us.com/TL9G7Y

Federal identity management: Adapting to evolving cyber threats

Federal agencies are shifting from compliance-driven identity management to proactive identity security strategies to combat breaches and insider threats. The post Federal identity management: Adapting to evolving cyber threats first appeared on Federal News Network.
http://news.poseidon-us.com/TL9DsP

Federal Executive Forum Health Care IT Strategies in Government Progress and Best Practices 2025

What health care IT strategies have proven successful and what are the priorities for the future? The post Federal Executive Forum Health Care IT Strategies in Government Progress and Best Practices 2025 first appeared on Federal News Network.
http://news.poseidon-us.com/TL9Dq6

Federal Executive Forum Health Care IT Strategies in Government Progress and Best Practices 2025

What health care IT strategies have proven successful and what are the priorities for the future? The post Federal Executive Forum Health Care IT Strategies in Government Progress and Best Practices 2025 first appeared on Federal News Network.
http://news.poseidon-us.com/TL9BLN

Proposed 2025 budget bill will make health savings accounts more generous

HSAs will gain increased flexibility and higher contribution limits, making HDHPs an even more attractive choice for federal employees. The post Proposed 2025 budget bill will make health savings accounts more generous first appeared on Federal News Network.
http://news.poseidon-us.com/TL97Zw