📦 Virtual Appliance Application

This vulnerability allows attackers with the matching private SSH key to gain root access to Vasion Print (formerly PrinterLogic) Virtual Appliance systems. The undocumented 'printerlogic' user has a ...

This vulnerability allows unauthenticated remote attackers to take over administrative control of Vasion Print (formerly PrinterLogic) systems during initial setup. Attackers can exploit a default adm...

Vasion Print (formerly PrinterLogic) Virtual Appliance exposes unauthenticated REST API endpoints that leak configuration files, clear-text passwords, and the Laravel APP_KEY. An attacker who obtains ...

This vulnerability allows unauthenticated attackers to access all internal Docker containers in Vasion Print (formerly PrinterLogic) deployments, bypassing authentication entirely. Attackers can inter...

This vulnerability allows attackers to capture SSH private keys from compromised Docker containers in Vasion Print deployments due to insecure SSH client configuration. The insecure settings disable h...

This CVE describes a supply chain vulnerability in Vasion Print (formerly PrinterLogic) build pipeline that allows attackers to compromise the CI/CD system. Attackers can inject malicious firmware or ...

Vasion Print (formerly PrinterLogic) contains hardcoded private keys and passwords in configuration files, allowing attackers who obtain these files to impersonate the Certificate Authority, sign mali...

Vasion Print (formerly PrinterLogic) contains outdated, end-of-life third-party components across multiple Docker containers, creating a large attack surface. Attackers can chain vulnerabilities in th...

This vulnerability allows unauthenticated attackers to reset the database administrator password to a known value ('password') via an exposed PHP script, potentially leading to full database compromis...

This vulnerability allows remote code execution on Windows systems running vulnerable versions of Vasion Print (formerly PrinterLogic). Attackers can exploit unquoted program paths during driver insta...

Vasion Print (formerly PrinterLogic) appliances use the same hardcoded SSH host private keys across all installations instead of unique per-appliance keys. This allows attackers who obtain these keys ...

This vulnerability affects Vasion Print (formerly PrinterLogic) deployments using outdated OpenSSL 1.0.2h-fips, which has been end-of-life since 2019. Attackers could exploit known unpatched vulnerabi...

Vasion Print (formerly PrinterLogic) contains hardcoded encryption keys in its application containers, allowing attackers who can access the filesystem to decrypt sensitive SaaS identifiers. This affe...

This CVE describes an unauthenticated server-side request forgery (SSRF) vulnerability in Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application. Attackers can exploit this to mak...

This CVE describes an unauthenticated server-side request forgery (SSRF) vulnerability in Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application. Attackers can force the server to...

This vulnerability exposes Docker container networks in Vasion Print (formerly PrinterLogic) deployments, allowing attackers on the same network segment to directly access internal services like HTTP ...

Vasion Print (formerly PrinterLogic) Virtual Appliance stores network account credentials in clear-text in the world-readable /etc/issue file. An attacker with local shell access can read these creden...

This vulnerability allows local attackers to bypass authentication in Vasion Print (formerly PrinterLogic) by preloading a malicious shared object that overrides the geteuid() function. This tricks th...

This vulnerability allows local unprivileged users to escalate privileges to SYSTEM level by exploiting insecure temporary file handling in Vasion Print (formerly PrinterLogic). The software creates f...

This vulnerability allows local users to extract authentication session tokens from cleartext log files in Vasion Print (formerly PrinterLogic) deployments. Attackers can use these tokens to authentic...

Vasion Print (formerly PrinterLogic) Virtual Appliance stores sensitive credentials in cleartext world-readable files, allowing any local user or process with filesystem access to steal database passw...

This vulnerability allows admin-level attackers in Vasion Print (formerly PrinterLogic) to exploit improper input validation in printer configuration fields. By injecting malicious hostnames that redi...

This CVE describes a blind server-side request forgery (SSRF) vulnerability in Vasion Print (formerly PrinterLogic) that allows unauthenticated attackers to make HTTP requests from the vulnerable serv...

This CVE describes a blind server-side request forgery (SSRF) vulnerability in Vasion Print (formerly PrinterLogic) that allows unauthenticated attackers to make HTTP requests from the vulnerable serv...

An unauthenticated API endpoint in Vasion Print (formerly PrinterLogic) allows remote attackers to enumerate all group objects for a tenant. This exposes internal identifiers including group IDs, Azur...

Vasion Print (formerly PrinterLogic) appliances contain a hardcoded private SSL key and matching certificate stored in cleartext. This allows attackers with container-level access to decrypt TLS traff...