Vulnerability in Vasion Print Application
CVE-2025-34208
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) store user passwords using unsalted SHA-512 hashes with a fall-back to unsalted SHA-1. The hashing is performed via PHP's `hash()` function i…
Vulnerability class: POODLE (CVE-2014-3566)
EPSS: 0.001 (23.4th percentile) — read the EPSS interpretation.
Affected products
Weakness classification (CWE)
References
- pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html (technical-description)
- help.printerlogic.com/va/Print/Security/Security-Bulletins.htm (vendor-advisory, patch)
- help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm (vendor-advisory, patch)
- www.vulncheck.com/advisories/vasion-print-printerlogic-insecure-password-hashing (third-party-advisory)