Vasion Print Remote Network Scanning and Denial-of-Service Vulnerability

A vulnerability in Vasion Print (formerly PrinterLogic) prior to Virtual Appliance Host 22.0.843 and Application 20.0.1923 allows remote network scanning and denial-of-service conditions. Several PHP files can initiate connections to user-defined third-party servers using LDAP protocols, which could potentially reach internal cloud services. While these files simply test connectivity and do not exploit internal resources, they could tie up resources and lead to denial-of-service conditions.

Impact

Exploitation of this vulnerability could cause denial-of-service conditions by tying up internal resources.

Remediation

Users of Vasion Print (formerly PrinterLogic SaaS) have already received the update. For the Virtual Appliance, the fix will be applied with the next update, which will include Host build 22.0.843 and Application build 20.0.1923.