Print Center Security Update for Blueprint and Uniprint
- 15 Apr 2024
- 2 Minutes to read
- Contributors
- Print
- DarkLight
- PDF
Print Center Security Update for Blueprint and Uniprint
- Updated on 15 Apr 2024
- 2 Minutes to read
- Contributors
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Background
Pharos has identified a security vulnerability impacting Print Center for Pharos Blueprint and Uniprint that makes it possible for a malicious actor with direct access to the code to gain access to some configuration settings using unauthorized methods. An attacker would NOT be able to access any personally identifiable information (PII) or documents nor cause a complete denial of service of print functions.
At this point, Pharos does not believe that the vulnerability is being actively exploited and is not aware of any customers that have been impacted.
Pharos’ Common Vulnerability Scoring System (CVSS) score (0-10, with 0 representing the least severe and 10 representing the most severe) results in a “Medium” level of severity, with a Base score of 5.6 and Overall score of 5.3.
Impacted versions of Pharos software
This vulnerability impacts the following versions of Blueprint and Uniprint:
Product | Print Center |
Blueprint 5.2 (all versions) with Print Center | 2.4.2.0 to 4.1.12.93 |
Blueprint 5.3 (all versions) | 4.5.0.400 to 5.4.1.61 |
Blueprint 5.4 to 5.4 Update 1 | 5.4.3.7 to 5.4.5.47 |
Uniprint 9.0 R2 (all versions) | 2.2.2 to 3.6.12 |
Uniprint 9.1 (all versions) | 4.0.1 to 4.11.22 |
Uniprint 9.2 | 5.0.17 to 5.0.24 |
Pharos Response
Pharos has released the following fixes:
Blueprint:
Uniprint:
New Site Security Utility for Blueprint and Uniprint (recommended): This utility strengthens security by allowing system administrators to generate a password to further protect the system. Note: This step requires manually applying on each server.
Mitigation steps for impacted software
Product | Print Center | Mitigation |
Blueprint 5.2 (all versions) WITH Print Center installed *5.2 without Print Center is NOT impacted | 2.4.2.0 to 4.1.12.93 |
|
Blueprint 5.3 (all versions) | 4.5.0.400 to 5.4.1.61 |
|
Blueprint 5.4 to 5.4 Update 1 | 5.4.3.7 to 5.4.5.47 |
|
Uniprint 9.0 R2 (all versions) | 2.2.2 to 3.6.12 |
|
Uniprint 9.1 (all versions) | 4.0.1 to 4.11.22 |
|
Uniprint 9.2 | 5.0.17 to 5.0.24 |
|
Blueprint and Uniprint customers should install the fixes. Older, unsupported versions of Blueprint and Uniprint should be upgraded to a supported version of software first.
How long will the updates take?
For Blueprint customers already on Blueprint 5.3 Update 7 or 5.4 Update 1, the updates should take less than 15 minutes. If a customer is on an earlier version of 5.3 or the 5.4 General Release, it may take around 15 minutes per server to apply the fix (servers can be updated concurrently).
For Uniprint customers already on Uniprint 9.1 SP3 or 9.2 General Release, the updates should take less than 15 minutes. If a customer is on Uniprint 9.1 General Release, 9.1 SP1, or 9.1 SP2, it may take around 15 minutes to an hour per server to apply the Service Pack, including this update (servers can be updated concurrently).
We understand that you depend on Pharos for your user printing and want to assure you that the security and uptime of your system is our number one priority. If you have any questions, please submit a support case on the Pharos Community.
Was this article helpful?