Vasion Print and Virtual Appliance Improper Isolation Between Docker Instances Allow Lateral Movement and System-Wide Compromise
Vulnerability
A vulnerability exists in Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application in both VA and SaaS deployments. The issue arises because multiple Docker containers run on shared internal networks without proper firewalling or segmentation. This lack of isolation means that a compromise of any single container can lead to direct access to internal services such as HTTP, Redis, and MySQL on the overlay network. An attacker could exploit this to move laterally between services, steal data, and potentially compromise the entire system.
Impact
Exploitation of this vulnerability could lead to unauthorized access and manipulation of internal services, facilitating lateral movement within the network, data theft, and a complete system compromise.
Remediation
Vasion has released patches for this vulnerability. Users can update to Vasion Print, Virtual Appliance Host v22.0.1026 / Application v20.0.2702. For those using the Vasion Windows Client, update to Version 25.0.0.897 or later.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.