Forwarded from Network 3A
🤙Cisco community channel and group:
@Cisco
@CiscoChat
💥Other Cisco related Channels and groups:
@ciscoAcademy
@spotociscoclub
Qubes OS Community Channel and group:
@QubesOS
@QubesChat
Off topic chats:
@PublicChatrooms
Games:
@hamstEr_kombat_bot
@CatizenBot
@boinker_bot - addicting
Other Channels:
@telemojis
@TheTGTimes
@TVids - True Videos
▪️▫️▪️▫️▪️▫️▪️▫️▪️▫️▪️
Join @Net3A for more channels and groups.
@Cisco
@CiscoChat
💥Other Cisco related Channels and groups:
@ciscoAcademy
@spotociscoclub
Qubes OS Community Channel and group:
@QubesOS
@QubesChat
Off topic chats:
@PublicChatrooms
Games:
@hamstEr_kombat_bot
@CatizenBot
@boinker_bot - addicting
Other Channels:
@telemojis
@TheTGTimes
@TVids - True Videos
▪️▫️▪️▫️▪️▫️▪️▫️▪️▫️▪️
Join @Net3A for more channels and groups.
👍1
Innovation — and independence — for people with diverse abilities
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/innovation-and-independence-for-people-with-diverse-abilities.html?source=rss
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/innovation-and-independence-for-people-with-diverse-abilities.html?source=rss
A Cisco-sponsored project explores how technology can better support seniors, people with developmental disabilities, and other challenged communities.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
👍1
Cisco Crosswork Network Controller Stored Cross-Site Scripting Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xwork-xss-KCcg7WwU?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Crosswork%20Network%20Controller%20Stored%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1
Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users of the interface of an affected system.
These vulnerabilities exist because the web-based management interface does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by inserting malicious data into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid administrative credentials.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xwork-xss-KCcg7WwU
Security Impact Rating: Medium
CVE: CVE-2025-20123
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xwork-xss-KCcg7WwU?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Crosswork%20Network%20Controller%20Stored%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1
Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users of the interface of an affected system.
These vulnerabilities exist because the web-based management interface does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by inserting malicious data into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid administrative credentials.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xwork-xss-KCcg7WwU
Security Impact Rating: Medium
CVE: CVE-2025-20123
👍2
Cisco Common Services Platform Collector Cross-Site Scripting Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-xss-CDOJZyH?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Common%20Services%20Platform%20Collector%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.
These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on an affected device.
There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-xss-CDOJZyH
Security Impact Rating: Medium
CVE: CVE-2025-20166,CVE-2025-20167,CVE-2025-20168
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-xss-CDOJZyH?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Common%20Services%20Platform%20Collector%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.
These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on an affected device.
There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-xss-CDOJZyH
Security Impact Rating: Medium
CVE: CVE-2025-20166,CVE-2025-20167,CVE-2025-20168
👍1
Cisco ThousandEyes Agent Certificate Validation Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20ThousandEyes%20Agent%20Certificate%20Validation%20Vulnerability%26vs_k=1
A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information.
This vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N
Security Impact Rating: Medium
CVE: CVE-2025-20126
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20ThousandEyes%20Agent%20Certificate%20Validation%20Vulnerability%26vs_k=1
A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information.
This vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N
Security Impact Rating: Medium
CVE: CVE-2025-20126
👍1
10 𝗕𝗲𝘀𝘁 𝗙𝗥𝗘𝗘 𝗢𝗻𝗹𝗶𝗻𝗲 IT 𝗖𝗼𝘂𝗿𝘀𝗲𝘀 𝘁𝗼 𝗗𝗼 𝗜𝗻 𝟮𝟬𝟮𝟱😍
Kickstart 2025 with these 10 + free courses that can elevate your skills and open doors to new opportunities! #Cisco, #AWS, #PMP, #Python, #Excel, #Google, #Microsoft
The best part? They’re absolutely free! Invest in yourself and make 2025 your most productive year yet.
𝗟𝗶𝗻𝗸 👇:- https://bit.ly/3PqKVXB
Enroll For FREE & Get Certified 🎓
*📚Download 100% real Cisco Exam Dump& study guide: https://bit.ly/3DR0chS
↙️Join 2024 Cisco study Group:
https://chat.whatsapp.com/BX4ZpXvwvSW4Gv10lN9vux
Kickstart 2025 with these 10 + free courses that can elevate your skills and open doors to new opportunities! #Cisco, #AWS, #PMP, #Python, #Excel, #Google, #Microsoft
The best part? They’re absolutely free! Invest in yourself and make 2025 your most productive year yet.
𝗟𝗶𝗻𝗸 👇:- https://bit.ly/3PqKVXB
Enroll For FREE & Get Certified 🎓
*📚Download 100% real Cisco Exam Dump& study guide: https://bit.ly/3DR0chS
↙️Join 2024 Cisco study Group:
https://chat.whatsapp.com/BX4ZpXvwvSW4Gv10lN9vux
👍1
Powering resilient communities through technology
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/powering-resilient-communities-through-technology.html?source=rss
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/powering-resilient-communities-through-technology.html?source=rss
In a world full of disruption, resilience has never been more important.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
Protecting AI so AI can improve the world, safely
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/protecting-ai-so-ai-can-improve-the-world-safely.html?source=rss
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/protecting-ai-so-ai-can-improve-the-world-safely.html?source=rss
The world is in the middle of an unprecedented era of artificial intelligence innovation.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
Cisco Unveils AI Defense to Secure the AI Transformation of Enterprises
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/cisco-unveils-ai-defense-to-secure-the-ai-transformation-of-enterprises.html?source=rss
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/cisco-unveils-ai-defense-to-secure-the-ai-transformation-of-enterprises.html?source=rss
👍2
Cisco AI Defense is purpose-built for enterprises to develop, deploy and secure AI applications with confidence.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)
👍1
The future of retail: powered by Cisco
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/the-future-of-retail-powered-by-cisco.html?source=rss
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2025/m01/the-future-of-retail-powered-by-cisco.html?source=rss