CVE-2025-34220
BaseFortify

Publication date: 2025-09-29

Last updated on: 2025-10-09

Assigner: VulnCheck

Description
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (VA/SaaS deployments) contains a /api-gateway/identity/search-groups endpoint that does not require authentication. Requests to https://<tenant>.printercloud10.com/api-gateway/identity/search-groups and adjustments to the `Host` header allow an unauthenticated remote attacker to enumerate every group object stored for that tenant. The response includes internal identifiers (group ID, source service ID, Azure AD object IDs, creation timestamps, and tenant IDs). This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.
Meta Information
Published: 2025-09-29
Last Modified: 2025-10-09
Generated: 2026-05-07
AI Q&A: 2025-09-29
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor | Product | Version / Range
vasion | virtual_appliance_application | to 25.1.1413 (exc)
vasion | virtual_appliance_host | to 25.1.102 (exc)
CWE ID | Description
CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-34220 is a medium-severity vulnerability in Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application prior to certain versions. It involves an unauthenticated API endpoint (/api-gateway/identity/search-groups) that allows an attacker to remotely enumerate all group objects for a tenant without any authentication or user interaction. The exposed information includes internal identifiers such as group IDs, source service IDs, Azure AD object IDs, creation timestamps, and tenant IDs. This is due to missing authentication on a critical function (CWE-306). [1]


How can this vulnerability impact me?

This vulnerability allows an unauthenticated remote attacker to access sensitive group information related to a tenant, including internal identifiers and metadata. Although the confidentiality impact is limited, this information disclosure could aid attackers in further targeting or reconnaissance activities against the affected environment. It may expose internal structure and identities that should remain confidential. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by sending unauthenticated HTTP requests to the /api-gateway/identity/search-groups endpoint on your Vasion Print (PrinterLogic) appliance or SaaS tenant URL. For example, you can use curl to test if the endpoint is accessible without authentication:

    curl -v https://<tenant>.printercloud10.com/api-gateway/identity/search-groups -H "Host: <tenant>"

If the response returns group information including internal identifiers, the system is vulnerable. [1]
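
A complementary check from the log side, as an added example that is not part of the original page or the vendor's tooling: a Python sketch that scans access logs for successful (2xx) responses to the endpoint and totals them per client. The "combined" log format from a proxy in front of the appliance, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

ENDPOINT = "/api-gateway/identity/search-groups"  # path named in the advisory

# Assumption: Apache/nginx "combined" access log written by a proxy in front of the appliance.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

def normalize_path(target):
    """Drop the query string, decode %XX escapes, collapse repeated and trailing slashes."""
    path = unquote(target.split("?", 1)[0])
    return re.sub(r"/{2,}", "/", path).rstrip("/")

def search_groups_hits(lines):
    """Summarise 2xx responses to ENDPOINT per client IP: count, bytes, first/last time."""
    hits = defaultdict(lambda: {"count": 0, "bytes": 0, "first": None, "last": None})
    for line in lines:
        m = LINE_RE.match(line)
        if not m or normalize_path(m["target"]) != ENDPOINT:
            continue
        if not m["status"].startswith("2"):
            continue  # e.g. 401/403: the request was rejected, no group data returned
        entry = hits[m["ip"]]
        entry["count"] += 1
        entry["bytes"] += 0 if m["size"] == "-" else int(m["size"])
        entry["first"] = entry["first"] or m["time"]
        entry["last"] = m["time"]
    return dict(hits)

# Constructed sample lines (documentation IP ranges; sizes and times are made up).
SAMPLE_LOG = [
    '198.51.100.23 - - [01/Sep/2025:10:00:01 +0000] "GET /api-gateway/identity/search-groups HTTP/1.1" 200 48213 "-" "curl/8.5.0"',
    '198.51.100.23 - - [01/Sep/2025:10:00:04 +0000] "GET /api-gateway/identity/search-groups?_=1 HTTP/1.1" 200 47100 "-" "curl/8.5.0"',
    '203.0.113.7 - - [01/Sep/2025:10:05:00 +0000] "GET /api-gateway/identity/search-groups HTTP/1.1" 401 112 "-" "-"',
    '203.0.113.9 - - [01/Sep/2025:10:06:00 +0000] "GET /api-gateway/identity/search-groups/ HTTP/1.1" 200 48213 "-" "-"',
    '192.0.2.50 - - [01/Sep/2025:10:07:00 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "-"',
]

if __name__ == "__main__":
    for ip, e in search_groups_hits(SAMPLE_LOG).items():
        print(f'{ip}: {e["count"]} hit(s), {e["bytes"]} bytes, {e["first"]} .. {e["last"]}')
```

Legitimate authenticated clients can also appear in this output, so review the listed sources against the clients you expect to query group data.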


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include upgrading the Vasion Print Virtual Appliance Host to version 25.1.102 or later and the Print Application to version 25.1.1413 or later, as these versions contain the confirmed fix. Until the upgrade can be applied, restrict network access to the vulnerable API endpoint by firewall rules or network segmentation to prevent unauthenticated external access. [1]

