CNNVD-202509-3071 Information
CNNVD ID
CNNVD-202509-3071
Related CVE
- CNNVD Published: 2025-09-19
Description (Chinese)
Vasion Print和Vasion Print Virtual Appliance Host都是Vasion公司的产品。Vasion Print是一款基于 SaaS 的云托管应用程序,用于管理和部署打印机。Vasion Print Virtual Appliance Host是一个打印管理软件。 Vasion Print Virtual Appliance Host和Vasion Print Application存在安全漏洞,该漏洞源于多个Docker容器以root用户身份运行主要应用程序进程,可能导致容器受损时扩大攻击范围并实现横向移动和主机入侵。
Description (English)
Vasion Print and Vasion Prince Virgin Application Host are both products of Vasion. Vasion Print is a cloud hosting application based on SaaS for the management and deployment of printers. Vasion Prit Virgin Application Host is a print management software. There is a security loophole in Vasion Print Virgin Application Host and Vasion Prince Application, which stems from the fact that several Docker containers operate the main application process as root users, which may result in a wider range of attacks and lateral movement and host intrusion if the containers are damaged.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Vela
Published
2025-09-19
Last Modified
2026-02-24
References
https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-processes-running-as-root https://www.vulncheck.com/advisories/vasion-print-printerlogic-processes-running-as-root-inside-docker-instances https://access.redhat.com/security/cve/cve-2025-34204