CVE-2025-34200
BaseFortify
Publication date: 2025-09-19
Last updated on: 2025-09-24
Assigner: VulnCheck
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vasion | virtual_appliance_application | * |
| vasion | virtual_appliance_host | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-312 | The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-34200 is a vulnerability in Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application where network account credentials are stored in clear-text inside the /etc/issue file, which is world-readable by default. An attacker with local shell access can read this file to obtain the network account username and password. With these credentials, the attacker can change network parameters via the appliance interface, potentially causing local misconfiguration, network disruption, or further escalation depending on the deployment. [1]
How can this vulnerability impact me?
This vulnerability can allow an attacker with local access to obtain network account credentials in clear-text, enabling them to modify network parameters through the appliance interface. This can lead to local misconfiguration, network disruption, or further escalation of privileges depending on the deployment. The impact includes high confidentiality and integrity risks, potentially allowing attackers to disrupt network operations or gain further control over the system. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if the file /etc/issue on the Vasion Print Virtual Appliance Host contains network account credentials in cleartext and if the file permissions allow world-readable access. You can use commands such as `cat /etc/issue` to view the contents and `ls -l /etc/issue` to check the file permissions. If the file contains sensitive credentials and is world-readable, the system is vulnerable. [1, 2]
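The two checks above can be combined into one audit function, shown here as an added example that is not vendor or BaseFortify code. The credential pattern is an assumed heuristic, since the page does not show how the appliance formats the credentials in /etc/issue, and the function name and return codes are hypothetical.

```shell
#!/bin/sh
# Added example: audit a banner file for the condition described for CVE-2025-34200.
# ASSUMPTION: the credential pattern below is a heuristic; the page does not
# show how the appliance formats the credentials inside /etc/issue.
CRED_PATTERN='(user(name)?|login|pass(word|wd)?)[[:space:]]*[:=]'

# check_issue_file FILE   (hypothetical helper; FILE defaults to /etc/issue)
#   returns 0: condition not met
#   returns 1: FILE is world-readable AND has credential-like lines
#   returns 2: FILE is missing or unreadable by the auditing user
check_issue_file() {
    f=${1:-/etc/issue}
    if [ ! -f "$f" ] || [ ! -r "$f" ]; then
        echo "SKIP  $f: missing or unreadable"
        return 2
    fi
    # Test the mode bits directly: -perm -004 matches when "other" has read.
    world=no
    if [ -n "$(find "$f" -prune -perm -004 2>/dev/null)" ]; then
        world=yes
    fi
    # Count matching lines only; never echo the lines themselves, so the
    # secret does not end up in audit logs or terminal scrollback.
    hits=$(grep -Eic "$CRED_PATTERN" "$f" || true)
    echo "INFO  $f: world_readable=$world credential_like_lines=$hits"
    if [ "$world" = yes ] && [ "$hits" -gt 0 ]; then
        echo "FAIL  $f: credential-like text in a world-readable file"
        return 1
    fi
    if [ "$hits" -gt 0 ]; then
        echo "WARN  $f: credential-like text present (file not world-readable)"
    fi
    return 0
}
```

Run it on the appliance as `check_issue_file /etc/issue`; a return code of 1 corresponds to the vulnerable state described in the answer above.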
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying all available security patches from the vendor; restricting access to the /etc/issue file to prevent unauthorized reading (e.g., changing file permissions); implementing network segmentation to limit exposure of Vasion Print components; reviewing and remediating insecure configurations, especially those related to Docker and cryptographic key management; and enhancing authentication and access control mechanisms to prevent unauthorized access to the appliance interface. [2]