CVE-2025-34200

216.73.217.22

· Published 19/09/2025 19:15 · Modified 19/09/2025 19:15

Labels: CVE-2025-34200 2025-09-19 CVE-2025-34200 CWE-312 [email protected]

Essential information

Published: 19/09/2025 19:15
Modified: 19/09/2025 19:15
Author: —
Creator: —
CVSS: 8.6 HIGH (v3) 8.6 HIGH (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) provision the appliance with the network account credentials in clear-text inside /etc/issue, and the file is world-readable by default. An attacker with local shell access can read /etc/issue to obtain the network account username and password. Using the network account an attacker can change network parameters via the appliance interface, enabling local misconfiguration, network disruption or further escalation depending on deployment.

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
vasion print / virtual appliance	`cpe:2.3:a:vasion_print:virtual_appliance::::::::`
printerlogic / virtual appliance	`cpe:2.3:a:printerlogic:virtual_appliance::::::::`