Vasion Print Server-Side Request Forgery Vulnerability Allowing Internal Metadata Access
Vulnerability
A protection mechanism failure vulnerability has been identified in Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413, specifically in VA/SaaS deployments. The flaw lies in a call to file_get_contents() on an unchecked hostname value: an admin-level attacker can supply a hostname that makes the server issue requests to internal endpoints, such as the AWS EC2 metadata service, i.e. a Server-Side Request Forgery (SSRF). This can expose sensitive information such as cloud IAM keys, allow enumeration of internal services, and enable further exploitation within the SaaS infrastructure.
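As an added example that is not Vasion's code, the PHP below shows the kind of check the advisory says was missing: the admin-supplied hostname is validated, resolved, screened against loopback, private and link-local ranges (which include the EC2 metadata endpoint 169.254.169.254), and the connection is pinned to the vetted address with redirects disabled. The function names `is_internal_ip` and `fetch_from_host` are hypothetical.

```php
<?php
// Added example, not Vasion's code: a guarded replacement for calling
// file_get_contents() on an unchecked, admin-supplied hostname. IPv4 only
// for brevity; an IPv6 deployment must vet AAAA answers the same way.

// True when $ip must never be reached by a server-side fetch: loopback, RFC 1918
// and link-local 169.254.0.0/16, where the EC2 metadata service lives.
function is_internal_ip(string $ip): bool
{
    $flags = FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
    return filter_var($ip, FILTER_VALIDATE_IP, $flags) === false;
}

// Hypothetical guarded fetch: returns the body, or null when the host is rejected.
function fetch_from_host(string $hostname, string $path): ?string
{
    if (filter_var($hostname, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) {
        $addresses = [$hostname];               // literal address: vet it directly
    } else {
        // Only a syntactically valid DNS name: no "user@host", ":port" or scheme
        // smuggled into the value. Then resolve it ourselves and vet EVERY answer,
        // since an attacker-controlled zone can mix public and private records.
        if (filter_var($hostname, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) === false) {
            return null;
        }
        $records = dns_get_record($hostname, DNS_A);
        if (!$records) { return null; }
        $addresses = array_column($records, 'ip');
    }
    foreach ($addresses as $ip) {
        if (is_internal_ip($ip)) { return null; }
    }
    // Pin the connection to the vetted address so a second DNS lookup (rebinding)
    // cannot swap in an internal one, and refuse redirects and non-HTTPS schemes,
    // the usual ways an SSRF is steered toward 169.254.169.254 or file://.
    $ch = curl_init('https://' . $hostname . $path);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_FOLLOWLOCATION => false,
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTPS,
        CURLOPT_RESOLVE        => [$hostname . ':443:' . $addresses[0]],
        CURLOPT_CONNECTTIMEOUT => 5,
        CURLOPT_TIMEOUT        => 10,
    ]);
    $body = curl_exec($ch);
    curl_close($ch);
    return $body === false ? null : $body;
}
```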
Impact
Exploitation of this vulnerability allows for Server-Side Request Forgery (SSRF) attacks, where internal metadata can be accessed and potentially exploited, as confirmed by Vasion.
Remediation
Users can update to Vasion Print Virtual Appliance Host version 25.1.102 and Application version 25.1.1413 or later. For those using the Vasion Windows Client, an update to version 25.0.0.897 or later is available.
