PT-2025-39878 · Unknown · Vasion Print Virtual Appliance Host
Pierre Barre · Published 2025-09-29 · Updated 2025-09-29
CVE-2025-34207
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Vasion Print versions prior to 22.0.1049
Vasion Print Application versions prior to 20.0.2786
Description
The Vasion Print Virtual Appliance Host and Application are configured with insecure SSH client settings within Docker instances. Specifically, the options UserKnownHostsFile=/dev/null, StrictHostKeyChecking=no, and ForwardAgent yes are enabled. These settings disable SSH host key verification and automatically forward the SSH agent, potentially allowing an attacker who compromises a single container to connect to a malicious SSH server, capture private keys, and move laterally within the environment.
Recommendations
Update Vasion Print Virtual Appliance Host to version 22.0.1049 or later.
Update Vasion Print Application to version 20.0.2786 or later.
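Added example, not part of the advisory or of Vasion's code: a Python audit that scans SSH client configuration text for the three options named in the description, accepting both the `Keyword value` and `Keyword=value` forms. The function name `audit_ssh_config`, the sample configuration and its host names are constructed for illustration.

```python
import shlex

# Options named in the advisory, keyed in lower case because ssh_config
# keywords are case-insensitive. Each predicate returns True for a risky value.
RISKY = {
    "stricthostkeychecking": lambda v: v[0].lower() in ("no", "off", "false"),
    "userknownhostsfile": lambda v: "/dev/null" in v,
    # Anything other than an explicit "no" enables agent forwarding.
    "forwardagent": lambda v: v[0].lower() not in ("no", "false"),
}

def audit_ssh_config(text):
    """Return (line_no, scope, keyword, value) for each risky setting found."""
    findings, scope = [], "(global)"
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Normalise "Keyword=value" and "Keyword = value" to "Keyword value".
        head, sep, rest = line.partition("=")
        if sep and len(head.split()) == 1:
            line = head.strip() + " " + rest.strip()
        try:
            tokens = shlex.split(line)  # honours double-quoted arguments
        except ValueError:
            tokens = line.split()       # unbalanced quote: fall back
        key, values = tokens[0].lower(), tokens[1:]
        if key in ("host", "match"):
            scope = " ".join(tokens)    # remember which block we are in
        elif values and key in RISKY and RISKY[key](values):
            findings.append((line_no, scope, tokens[0], " ".join(values)))
    return findings

# Constructed sample: the first block mirrors the settings in the description.
SAMPLE = """\
# constructed sample ssh_config
Host *
    UserKnownHostsFile=/dev/null
    StrictHostKeyChecking no
    ForwardAgent yes
Host bastion.example
    stricthostkeychecking = yes
    ForwardAgent no
"""

if __name__ == "__main__":
    for line_no, scope, keyword, value in audit_ssh_config(SAMPLE):
        print(f"line {line_no} [{scope}]: {keyword} {value}")
```

Run it against the client configuration inside each container image (for example `/etc/ssh/ssh_config` and any per-user `~/.ssh/config`); an empty result means none of the three settings is present in that file.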
Exploit
Fix
Insufficiently Protected Credentials
Missing Authentication
Related Identifiers
Affected Products
Vasion Print
Vasion Print Application
Vasion Print Virtual Appliance Host