CVE-2025-34208
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-34208, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-02

Last updated on: 2025-10-09

Assigner: VulnCheck

Description

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) store user passwords using unsalted SHA-512 hashes with a fall-back to unsalted SHA-1. The hashing is performed via PHP's `hash()` function in multiple files (server_write_requests_users.php, update_database.php, legacy/Login.php, tests/Unit/Api/IdpControllerTest.php). No per-user salt is used and the fast hash algorithms are unsuitable for password storage. An attacker who obtains the password database can recover cleartext passwords via offline dictionary or rainbow table attacks. The vulnerable code also contains logic that migrates legacy SHA-1 hashes to SHA-512 on login, further exposing users still on the old hash. This vulnerability was partially resolved, but still present within the legacy authentication platform.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-02
Last Modified
2025-10-09
Generated
2026-07-07
AI Q&A
2025-10-02
EPSS Evaluated
2026-07-06
NVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
vasion virtual_appliance_application *
vasion virtual_appliance_host *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-327 The product uses a broken or risky cryptographic algorithm or protocol.
CWE-759 The product uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability involves Vasion Print Virtual Appliance Host and Application storing user passwords using unsalted SHA-512 hashes with a fallback to unsalted SHA-1. These hashing methods are fast and lack per-user salts, making them unsuitable for secure password storage. An attacker who obtains the password database can use offline dictionary or rainbow table attacks to recover cleartext passwords. Additionally, legacy SHA-1 hashes are migrated to SHA-512 on login, exposing users still on the old hash. The vulnerability remains partially present in the legacy authentication platform.

Impact Analysis

If an attacker obtains the password database, they can recover users' cleartext passwords through offline dictionary or rainbow table attacks due to weak hashing methods. This can lead to unauthorized access to user accounts and potentially further compromise of systems relying on these credentials.

Mitigation Strategies

Immediate steps include avoiding use of the legacy authentication platform that uses unsalted SHA-1 and SHA-512 hashes for password storage. Ensure that password storage uses strong, salted, and slow hashing algorithms instead of fast unsalted hashes. If possible, update or patch the Vasion Print Virtual Appliance Host and Application to versions that have resolved this vulnerability. Additionally, consider resetting user passwords to force re-hashing with secure methods and monitor for any unauthorized access.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-34208. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart