CNNVD-202509-3088 Information
CNNVD ID
CNNVD-202509-3088
Related CVE
- CNNVD Published: 2025-09-19
Description (Chinese)
Vasion Print Virtual Appliance Host和Vasion Print Application都是美国Vasion公司的产品。Vasion Print Virtual Appliance Host是一个打印管理软件。Vasion Print Application是一个打印机管理应用程序。 Vasion Print Virtual Appliance Host 1.0.735之前版本和Vasion Print Application 20.0.1330版本存在安全漏洞,该漏洞源于本地日志机制以明文存储身份验证会话令牌,可能导致未经授权的系统访问和敏感信息泄露。
Description (English)
Vasion Print Virgin Application Host and Vasion Prince Application are products of the United States company Vasion. Vasion Prit Virgin Application Host is a print management software. Vasion Prince Application is a printer management application. There is a security loophole in the pre-Vasion Print Universal Host 1.735 and in the Vasion Print Application 20.0.1330 version, which stems from the local log mechanism for the explicit storage of the I.D. message badges, which may lead to unauthorized system access and the disclosure of sensitive information.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Vela
Published
2025-09-19
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/vasion-print-printerlogic-local-log-disclosure-of-cleartext-sessions https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#mac-leak-secrets https://access.redhat.com/security/cve/cve-2025-34188