CVE-2025-34200 (GCVE-0-2025-34200)
Vulnerability from cvelistv5
Published
2025-09-19 18:45
Modified
2025-09-19 20:05
Severity ?
8.6 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
CWE
  • CWE-312 - Cleartext Storage of Sensitive Information
Summary
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) provision the appliance with the network account credentials in clear-text inside /etc/issue, and the file is world-readable by default. An attacker with local shell access can read /etc/issue to obtain the network account username and password. Using the network account an attacker can change network parameters via the appliance interface, enabling local misconfiguration, network disruption or further escalation depending on deployment.
References
disclosure@vulncheck.comhttps://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htmVendor Advisory
disclosure@vulncheck.comhttps://help.printerlogic.com/va/Print/Security/Security-Bulletins.htmVendor Advisory
disclosure@vulncheck.comhttps://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-clear-text-passwordExploit, Third Party Advisory
disclosure@vulncheck.comhttps://www.vulncheck.com/advisories/vasion-print-printerlogic-network-account-password-stored-in-cleartextThird Party Advisory
Impacted products
Vendor Product Version
Vasion Print Virtual Appliance Host Version: *   
Create a notification for this product.
   Vasion Print Application Version: *   
Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-34200",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-19T20:05:30.171844Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-19T20:05:40.367Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "modules": [
            "Appliance OS default /etc/issue provisioning and network account configuration"
          ],
          "product": "Print Virtual Appliance Host",
          "vendor": "Vasion",
          "versions": [
            {
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "modules": [
            "Appliance OS default /etc/issue provisioning and network account configuration"
          ],
          "product": "Print Application",
          "vendor": "Vasion",
          "versions": [
            {
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Pierre Barre"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eVasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments)  provision the appliance with the network account credentials in clear-text inside \u003ccode\u003e/etc/issue\u003c/code\u003e, and the file is world-readable by default. An attacker with local shell access can read \u003ccode\u003e/etc/issue\u003c/code\u003e to obtain the network account username and password. Using the network account an attacker can change network parameters via the appliance interface, enabling local misconfiguration, network disruption or further escalation depending on deployment.\u003c/p\u003e"
            }
          ],
          "value": "Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments)  provision the appliance with the network account credentials in clear-text inside /etc/issue, and the file is world-readable by default. An attacker with local shell access can read /etc/issue to obtain the network account username and password. Using the network account an attacker can change network parameters via the appliance interface, enabling local misconfiguration, network disruption or further escalation depending on deployment."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-312",
              "description": "CWE-312 Cleartext Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-19T18:45:41.248Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "tags": [
            "technical-description"
          ],
          "url": "https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-clear-text-password"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/vasion-print-printerlogic-network-account-password-stored-in-cleartext"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Vasion Print (formerly PrinterLogic) Network Account Password Stored in Cleartext",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2025-34200",
    "datePublished": "2025-09-19T18:45:41.248Z",
    "dateReserved": "2025-04-15T19:15:22.570Z",
    "dateUpdated": "2025-09-19T20:05:40.367Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-34200\",\"sourceIdentifier\":\"disclosure@vulncheck.com\",\"published\":\"2025-09-19T19:15:40.737\",\"lastModified\":\"2025-09-24T19:18:22.493\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments)  provision the appliance with the network account credentials in clear-text inside /etc/issue, and the file is world-readable by default. An attacker with local shell access can read /etc/issue to obtain the network account username and password. Using the network account an attacker can change network parameters via the appliance interface, enabling local misconfiguration, network disruption or further escalation depending on deployment.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"disclosure@vulncheck.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"disclosure@vulncheck.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-312\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vasion:virtual_appliance_application:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"452CABC4-2EC6-416A-B0EB-4CA8194AB823\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vasion:virtual_appliance_host:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5493A1-4AB1-43DD-A1F1-A99D9439B884\"}]}]}],\"references\":[{\"url\":\"https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm\",\"source\":\"disclosure@vulncheck.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm\",\"source\":\"disclosure@vulncheck.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-clear-text-password\",\"source\":\"disclosure@vulncheck.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.vulncheck.com/advisories/vasion-print-printerlogic-network-account-password-stored-in-cleartext\",\"source\":\"disclosure@vulncheck.com\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-34200\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-19T20:05:30.171844Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-19T20:05:35.291Z\"}}], \"cna\": {\"title\": \"Vasion Print (formerly PrinterLogic) Network Account Password Stored in Cleartext\", \"source\": {\"discovery\": \"INTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Pierre Barre\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 8.6, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Vasion\", \"modules\": [\"Appliance OS default /etc/issue provisioning and network account configuration\"], \"product\": \"Print Virtual Appliance Host\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Vasion\", \"modules\": [\"Appliance OS default /etc/issue provisioning and network account configuration\"], \"product\": \"Print Application\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}], \"references\": [{\"url\": \"https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-clear-text-password\", \"tags\": [\"technical-description\"]}, {\"url\": \"https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm\", \"tags\": [\"product\"]}, {\"url\": \"https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm\", \"tags\": [\"product\"]}, {\"url\": \"https://www.vulncheck.com/advisories/vasion-print-printerlogic-network-account-password-stored-in-cleartext\", \"tags\": [\"third-party-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments)  provision the appliance with the network account credentials in clear-text inside /etc/issue, and the file is world-readable by default. An attacker with local shell access can read /etc/issue to obtain the network account username and password. Using the network account an attacker can change network parameters via the appliance interface, enabling local misconfiguration, network disruption or further escalation depending on deployment.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eVasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments)  provision the appliance with the network account credentials in clear-text inside \u003ccode\u003e/etc/issue\u003c/code\u003e, and the file is world-readable by default. An attacker with local shell access can read \u003ccode\u003e/etc/issue\u003c/code\u003e to obtain the network account username and password. Using the network account an attacker can change network parameters via the appliance interface, enabling local misconfiguration, network disruption or further escalation depending on deployment.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-312\", \"description\": \"CWE-312 Cleartext Storage of Sensitive Information\"}]}], \"providerMetadata\": {\"orgId\": \"83251b91-4cc7-4094-a5c7-464a1b83ea10\", \"shortName\": \"VulnCheck\", \"dateUpdated\": \"2025-09-19T18:45:41.248Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-34200\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-09-19T20:05:40.367Z\", \"dateReserved\": \"2025-04-15T19:15:22.570Z\", \"assignerOrgId\": \"83251b91-4cc7-4094-a5c7-464a1b83ea10\", \"datePublished\": \"2025-09-19T18:45:41.248Z\", \"assignerShortName\": \"VulnCheck\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.