CVE-2025-34203
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-19

Last updated on: 2025-10-02

Assigner: VulnCheck

Description
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1002 and Application versions prior toΒ 20.0.2614Β (VA and SaaS deployments) contain multiple Docker containers that include outdated, end-of-life, unsupported, or otherwise vulnerable third-party components (examples: Nginx 1.17.x, OpenSSL 1.1.1d, various EOL Alpine/Debian/Ubuntu base images, and EOL Laravel/PHP libraries). These components are present across many container images and increase the product's attack surface, enabling exploitation chains when leveraged by an attacker.Β Multiple distinct EOL versions and unpatched libraries across containers; Nginx binaries date from 2019 in several images and Laravel versions observed include EOL releases (for example Laravel 5.5.x, 5.7.x, 5.8.x).Β This vulnerability has been identified by the vendor as: V-2024-014 β€” Outdated Dependencies.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-19
Last Modified
2025-10-02
Generated
2026-06-16
AI Q&A
2025-09-19
EPSS Evaluated
2026-06-15
NVD
CVE-2025-34203
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
vasion virtual_appliance_application to 20.0.2614 (exc)
vasion virtual_appliance_host to 22.0.1002 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-34203 is a critical vulnerability in Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application versions prior to certain releases. It arises because these versions include multiple Docker containers with outdated, end-of-life, unsupported, or vulnerable third-party components such as Nginx 1.17.x, OpenSSL 1.1.1d, and various EOL Alpine/Debian/Ubuntu base images and Laravel/PHP libraries. These outdated components increase the attack surface, allowing attackers to exploit chains of vulnerabilities across the containers without needing privileges or user interaction. [1]

Impact Analysis

This vulnerability can have a severe impact as it allows attackers to exploit multiple outdated and vulnerable third-party components within Vasion Print's Docker containers. The CVSS score of 9.3 indicates a critical risk with high impact on confidentiality, integrity, and availability. An attacker can remotely exploit this vulnerability without any privileges or user interaction, potentially leading to unauthorized access, data breaches, service disruption, or full compromise of the affected systems. [1]

Detection Guidance

Detection involves identifying the presence of outdated and vulnerable third-party components within the Vasion Print (formerly PrinterLogic) Virtual Appliance Host or Application containers. You can inspect the Docker containers for versions of Nginx, OpenSSL, Laravel, and base images (Alpine/Debian/Ubuntu) that are known to be end-of-life or vulnerable. Suggested commands include: 1) Listing running containers: `docker ps` 2) Inspecting container images: `docker inspect <container_id>` 3) Checking installed package versions inside a container: `docker exec -it <container_id> nginx -v` or `docker exec -it <container_id> openssl version` 4) Reviewing Dockerfile or image layers for base images and library versions. These steps help identify if the vulnerable versions (e.g., Nginx 1.17.x, OpenSSL 1.1.1d, Laravel 5.5.x/5.7.x/5.8.x) are present. [1]

Mitigation Strategies

Immediate mitigation steps include upgrading Vasion Print Virtual Appliance Host to version 22.0.1002 or later and the Application to version 20.0.2614 or later, as these versions address the use of outdated and vulnerable third-party components. Additionally, review and update Docker container images to use supported and patched versions of Nginx, OpenSSL, Laravel, and base OS images. Applying vendor security bulletins and patches promptly is critical to reduce the attack surface and prevent exploitation. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-34203. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart