Vasion Print and Virtual Appliance Outdated OpenSSL Library Vulnerability

A vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140, specifically in macOS and Linux client deployments. These versions are built on OpenSSL 1.0.2h-fips, which has been unsupported since 2019. The use of this outdated library exposes known vulnerabilities that are no longer patched, potentially allowing attackers to exploit weaknesses in TLS/SSL processing or cryptographic operations. Affected daemons may issue deprecation warnings and rely on cryptographic components with unresolved security flaws.

Impact

The vulnerability could be exploited to weaken the application's cryptographic operations, potentially allowing attacks on TLS/SSL processing or other cryptographic functions.

Remediation

Users can update to Vasion Print Virtual Appliance Host version 22.0.893 and Application version 20.0.2140. For Vasion Print Windows Clients, update to version 25.0.0.897 or later. If using a third-party software to push the update, the Client installation package (MSI) is available.