cbcvebase.

Vasion Print Application vulnerabilities

43 known vulnerabilities affecting vasion/print_application.

Total CVEs
43
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL19HIGH17MEDIUM7

Vulnerabilities

Page 3 of 3
CVE-2025-34220P4MEDIUMCVSS 5.3fixed in 25.1.14132025-09-29
CVE-2025-34220 [MEDIUM] CWE-200 CVE-2025-34220: Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Applicatio Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contains a /api-gateway/identity/search-groups endpoint that does not require authentication. Requests to https://.printercloud10.com/api-gateway/identity/search-groups and adjustments to the `Host` h
nvd
CVE-2025-34210P4MEDIUMCVSS 5.5v*2025-10-02
CVE-2025-34210 [MEDIUM] CWE-256 CVE-2025-34210: Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) st Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) store a large number of sensitive credentials (database passwords, MySQL root password, SaaS keys, Portainer admin password, etc.) in cleartext files that are world-readable. Any local user - or any process that can read the host filesystem - can retrie
nvd
CVE-2025-34211P4MEDIUMCVSS 4.9fixed in 20.0.27862025-09-29
CVE-2025-34211 [MEDIUM] CWE-321 CVE-2025-34211: Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Applicati Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA and SaaS deployments) contain a private SSL key and matching public certificate stored in cleartext. The key belongs to the hostname `pl‑local.com` and is used by the appliance to terminate TLS connections on ports 80
nvd
Vasion Print Application vulnerabilities | cvebase