Primary

Context

Vasion Print Weak Password Encryption Vulnerability

Vulnerability

A vulnerability exists in Vasion Print (formerly PrinterLogic) versions prior to Virtual Appliance Host 22.0.843 Application 20.0.1923, allowing weak password encryption. The application stored passwords using unsalted SHA1 hashing and transmitted authentication data with a custom double base64 encoding. While SHA1 is no longer actively used, the application retained this hashing method for backward compatibility with legacy passwords. The double-encoded credentials were intended to be non-reversible and were primarily protected by the HTTPS protocol.

Impact

Exploitation of this vulnerability could lead to the exposure of passwords, allowing for unauthorized access to user accounts.

Remediation

Users can update to Vasion Print, Virtual Appliance Host 22.0.843 / Application 20.0.1923 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vasion Print Weak Password Encryption Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating