← Volver a CVEs

CVE-2025-34201

HIGH

7.8

Descripcion

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) run many Docker containers on shared internal networks without firewalling or segmentation between instances. A compromise of any single container allows direct access to internal services (HTTP, Redis, MySQL, etc.) on the overlay network. From a compromised container, an attacker can reach and exploit other services, enabling lateral movement, data theft, and system-wide compromise.

Detalles CVE

Puntuacion CVSS v3.17.8

SeveridadHIGH

Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vector de ataqueLOCAL

ComplejidadLOW

Privilegios requeridosLOW

Interaccion usuarioNONE

Publicado9/19/2025

Ultima modificacion9/24/2025

Fuentenvd

Avistamientos honeypot0

Productos afectados

vasion:virtual_appliance_applicationvasion:virtual_appliance_host

Debilidades (CWE)

CWE-653

Referencias

https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm(disclosure@vulncheck.com)

https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm(disclosure@vulncheck.com)

https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#va-lack-of-fw(disclosure@vulncheck.com)

https://www.vulncheck.com/advisories/vasion-print-printerlogic-lack-of-network-segmentation-between-docker-instances(disclosure@vulncheck.com)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.