Vasion Print Insecure Password Hashing Vulnerability

Vulnerability

A vulnerability exists in Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application in VA/SaaS deployments, where user passwords are stored using unsalted SHA-512 hashes, with a fallback to unsalted SHA-1. This hashing is done using PHP's hash() function in several files. The absence of per-user salts and the use of fast hash algorithms unsuitable for password storage leave passwords vulnerable to offline dictionary or rainbow table attacks. Additionally, the code includes logic that upgrades legacy SHA-1 hashes to SHA-512 upon login, which puts users whose passwords are still stored under the old SHA-1 hash at further risk.
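
The weak storage pattern described above, beside a salted, slow alternative with upgrade on login. This is an added example, not Vasion Print code and not a description of the vendor's fix; the function names are hypothetical, and it assumes legacy records are the lowercase hex digests that hash() returns by default.

```php
<?php
// Added illustration, not Vasion Print source; function names are hypothetical.

// Weak pattern from the advisory: fast, unsalted digest via hash().
// Equal passwords give equal hashes, so precomputed tables apply.
function legacy_hash(string $password, string $algo = 'sha512'): string
{
    return hash($algo, $password);
}

// Hardened storage: password_hash() adds a random per-user salt and uses a
// deliberately slow algorithm.
function store_password(string $password): string
{
    return password_hash($password, PASSWORD_DEFAULT);
}

// Check a login against whichever format is stored.
// Returns [authenticated, replacement hash to persist or null].
function verify_and_upgrade(string $password, string $stored): array
{
    // Assumed legacy format: hex digest, 128 chars (SHA-512) or 40 chars (SHA-1).
    if (preg_match('/^[0-9a-f]{128}$/i', $stored)) {
        $ok = hash_equals(strtolower($stored), legacy_hash($password, 'sha512'));
    } elseif (preg_match('/^[0-9a-f]{40}$/i', $stored)) {
        $ok = hash_equals(strtolower($stored), legacy_hash($password, 'sha1'));
    } else {
        $ok = password_verify($password, $stored);
        if ($ok && !password_needs_rehash($stored, PASSWORD_DEFAULT)) {
            return [true, null]; // already in the current format
        }
    }
    return $ok ? [true, store_password($password)] : [false, null];
}

// Constructed sample data.
$pw = 'correct horse battery staple';
// Unsalted digests repeat; salted hashes differ on every call.
var_dump(legacy_hash($pw) === legacy_hash($pw));
var_dump(store_password($pw) === store_password($pw));
// A legacy SHA-1 record is verified, then replaced with a salted hash.
[$ok, $new] = verify_and_upgrade($pw, legacy_hash($pw, 'sha1'));
var_dump($ok, password_verify($pw, (string) $new));
// A wrong password is rejected and nothing is re-stored.
var_dump(verify_and_upgrade('wrong', legacy_hash($pw, 'sha1')));
```

Upgrade on login only migrates accounts that actually log in, so dormant accounts keep their legacy hash until they are reset or expired.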

Impact

Exploitation of this vulnerability allows for the recovery of cleartext passwords from the hashed password database, using offline dictionary or rainbow table attacks.

Remediation

Users can update to Vasion Print Virtual Appliance Host v22.0.1026 / Application v20.0.2702, where this vulnerability has been fixed.

Added: Oct 2, 2025, 5:24 PM
Updated: Oct 2, 2025, 7:20 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 7.2
remediation: 0.0
relevance: 0.6
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.