Vasion

Virtual Appliance Host

43 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-34206

Exploit
  • EPSS 0.04%
  • Veröffentlicht 19.09.2025 18:48:58
  • Zuletzt bearbeitet 24.09.2025 18:46:15

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) mount host configuration and secret material under /var/www/efs_storage into many Docker containers with overly-permissive filesystem permissions. F...

8.1

CVE-2025-34199

Exploit
  • EPSS 0.09%
  • Veröffentlicht 19.09.2025 18:48:05
  • Zuletzt bearbeitet 25.11.2025 15:15:51

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1049 and Application versions prior to 20.0.2786 (VA and SaaS deployments) contain insecure defaults and code patterns that disable TLS/SSL certificate verification fo...

9.8

CVE-2025-34193

Medienbericht Exploit
  • EPSS 0.11%
  • Veröffentlicht 19.09.2025 18:47:35
  • Zuletzt bearbeitet 29.09.2025 20:15:31

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Windows client components (PrinterInstallerClientInterface.exe, PrinterInstallerClient.exe, PrinterInstallerCli...

7.8

CVE-2025-34201

Exploit
  • EPSS 0.02%
  • Veröffentlicht 19.09.2025 18:47:07
  • Zuletzt bearbeitet 24.09.2025 19:18:45

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) run many Docker containers on shared internal networks without firewalling or segmentation between instances. A compromise of any single container a...

7.8

CVE-2025-34188

Exploit
  • EPSS 0.06%
  • Veröffentlicht 19.09.2025 18:46:40
  • Zuletzt bearbeitet 02.10.2025 22:15:34

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 (macOS/Linux client deployments) contain a vulnerability in the local logging mechanism. Authentication session tokens, including...

7.8

CVE-2025-34194

Exploit
  • EPSS 0.03%
  • Veröffentlicht 19.09.2025 18:46:12
  • Zuletzt bearbeitet 29.09.2025 20:15:32

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 (Windows client deployments) contain an insecure temporary-file handling vulnerability in the PrinterInstallerClient co...

7.8

CVE-2025-34200

Exploit
  • EPSS 0.01%
  • Veröffentlicht 19.09.2025 18:45:41
  • Zuletzt bearbeitet 24.09.2025 19:18:22

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) provision the appliance with the network account credentials in clear-text inside /etc/issue, and the file is world-readable by default. An attacke...

9.8

CVE-2025-34204

Exploit
  • EPSS 0.07%
  • Veröffentlicht 19.09.2025 18:41:02
  • Zuletzt bearbeitet 24.09.2025 19:20:09

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) contains multiple Docker containers that run primary application processes (for example PHP workers, Node.js servers and custom binaries) as the roo...

9.8

CVE-2025-34198

Exploit
  • EPSS 0.07%
  • Veröffentlicht 19.09.2025 18:40:31
  • Zuletzt bearbeitet 02.10.2025 22:15:36

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.951 and Application prior to 20.0.2368 (VA and SaaS deployments) contain shared, hardcoded SSH host private keys in the appliance image. The same private host keys (RS...

7.8

CVE-2025-34197

Exploit
  • EPSS 0.02%
  • Veröffentlicht 19.09.2025 18:39:36
  • Zuletzt bearbeitet 02.10.2025 22:15:36

Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.951, Application prior to 20.0.2368 (VA and SaaS deployments) contain an undocumented local user account named ubuntu with a preset password and a sudoers entry granti...