Print Center Security Update for Blueprint and Uniprint - August 2023
  • 15 Apr 2024
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Print Center Security Update for Blueprint and Uniprint - August 2023

  • Dark
    Light
  • PDF

Article summary

Background 

Pharos has identified a security vulnerability impacting Print Center for Pharos Blueprint and Uniprint that makes it possible for a malicious actor with direct access to the code to gain access to some configuration settings using unauthorized methods. An attacker would NOT be able to access any personally identifiable information (PII) or documents nor cause a complete denial of service of print functions. 

At this point, Pharos does not believe that the vulnerability is being actively exploited and is not aware of any customers that have been impacted. 

Pharos’ Common Vulnerability Scoring System (CVSS) score (0-10, with 0 representing the least severe and 10 representing the most severe) results in a “Medium” level of severity, with a Base score of 5.6 and Overall score of 5.3. 

Impacted versions of Pharos software 

This vulnerability impacts the following versions of Blueprint and Uniprint:  

Product  

Print Center 

Blueprint 5.2 (all versions) with Print Center 

         2.4.2.0 to 4.1.12.93           

Blueprint 5.3 (all versions) 

         4.5.0.400 to 5.4.1.61 

Blueprint 5.4 to 5.4 Update 1 

         5.4.3.7 to 5.4.5.47 

Uniprint 9.0 R2 (all versions) 

         2.2.2 to 3.6.12 

Uniprint 9.1 (all versions) 

         4.0.1 to 4.11.22 

Uniprint 9.2 

         5.0.17 to 5.0.24    

Pharos Response 

Pharos has released the following fixes: 

  • Blueprint:  

  • Uniprint:  

  • New Site Security Utility for Blueprint and Uniprint (recommended): This utility strengthens security by allowing system administrators to generate a password to further protect the system. Note: This step requires manually applying on each server.  

Mitigation steps for impacted software

Product 

Print Center 

Mitigation 

Blueprint 5.2 (all versions) WITH Print Center installed 

*5.2 without Print Center is NOT impacted 

2.4.2.0 to 4.1.12.93 

  • Upgrade to Blueprint 5.4 Update 2 with Print Center 5.5.1.12 or later 

  • If MobilePrint deployed, upgrade to MobilePrint 2.5.0 

Blueprint 5.3 (all versions) 

4.5.0.400 to 5.4.1.61 

  • Upgrade to Blueprint 5.3 Update 7 (if needed) 

  • Apply Update 7 patch with Print Center 5.4.2.1 

  • If MobilePrint deployed, upgrade to MobilePrint 2.5.0 

Blueprint 5.4 to 5.4 Update 1 

5.4.3.7 to 5.4.5.47 

  • Upgrade to Blueprint 5.4 Update 2 with Print Center 5.5.1.12 or later 

  • If MobilePrint deployed, upgrade to MobilePrint 2.5.0 

Uniprint 9.0 R2 (all versions) 

2.2.2 to 3.6.12 

  • Upgrade to Uniprint 9.2 

  • Apply Print Center 5.0.26 or later 

  • If MobilePrint deployed, upgrade to MobilePrint 2.5.0 

Uniprint 9.1 (all versions) 

4.0.1 to 4.11.22 

  • Upgrade to SP3 

  • Apply Print Center 4.11.23 or later 

  • If MobilePrint deployed, upgrade to MobilePrint 2.5.0 

Uniprint 9.2 

5.0.17 to 5.0.24 

  • Apply Print Center 5.0.26.16 or later 

  • If MobilePrint deployed, upgrade to MobilePrint 2.5.0 

 

Blueprint and Uniprint customers should install the fixes. Older, unsupported versions of Blueprint and Uniprint should be upgraded to a supported version of software first. 

How long will the updates take? 

For Blueprint customers already on Blueprint 5.3 Update 7 or 5.4 Update 1, the updates should take less than 15 minutes. If a customer is on an earlier version of 5.3 or the 5.4 General Release, it may take around 15 minutes per server to apply the fix (servers can be updated concurrently). 

For Uniprint customers already on Uniprint 9.1 SP3 or 9.2 General Release, the updates should take less than 15 minutes. If a customer is on Uniprint 9.1 General Release, 9.1 SP1, or 9.1 SP2, it may take around 15 minutes to an hour per server to apply the Service Pack, including this update (servers can be updated concurrently).  

We understand that you depend on Pharos for your user printing and want to assure you that the security and uptime of your system is our number one priority. If you have any questions, please submit a support case on the Pharos Community.  


Was this article helpful?


Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.