CVE-2021-34087
Severity Score
7.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver can be used for clickjacking. This includes the settings page.
En la impresora 3D Ultimaker S3, la impresora 3D Ultimaker S5, la impresora 3D Ultimaker 3 S-line versiones hasta 6.3 y la Ultimaker 3 versiones hasta 5.2.16, el servidor web local puede ser usado para hacer clickjacking. Esto incluye la pĆ”gina de configuraciĆ³n
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-06-07 CVE Reserved
- 2022-01-10 CVE Published
- 2024-08-04 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-1021: Improper Restriction of Rendered UI Layers or Frames
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://kth.diva-portal.org/smash/get/diva2:1623489/FULLTEXT01.pdf | Technical Description |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://ultimaker.com/3d-printers/ultimaker-s3 | 2022-01-14 | |
| https://ultimaker.com/3d-printers/ultimaker-s5 | 2022-01-14 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ultimaker Search vendor "Ultimaker" | Ultimaker S3 Firmware Search vendor "Ultimaker" for product "Ultimaker S3 Firmware" | <= 6.3 Search vendor "Ultimaker" for product "Ultimaker S3 Firmware" and version " <= 6.3" | - |
Affected
| in | Ultimaker Search vendor "Ultimaker" | Ultimaker S3 Search vendor "Ultimaker" for product "Ultimaker S3" | - | - |
Safe
|
| Ultimaker Search vendor "Ultimaker" | Ultimaker S5 Firmware Search vendor "Ultimaker" for product "Ultimaker S5 Firmware" | <= 6.3 Search vendor "Ultimaker" for product "Ultimaker S5 Firmware" and version " <= 6.3" | - |
Affected
| in | Ultimaker Search vendor "Ultimaker" | Ultimaker S5 Search vendor "Ultimaker" for product "Ultimaker S5" | - | - |
Safe
|
| Ultimaker Search vendor "Ultimaker" | Ultimaker 3 Firmware Search vendor "Ultimaker" for product "Ultimaker 3 Firmware" | <= 5.2.16 Search vendor "Ultimaker" for product "Ultimaker 3 Firmware" and version " <= 5.2.16" | - |
Affected
| in | Ultimaker Search vendor "Ultimaker" | Ultimaker 3 Search vendor "Ultimaker" for product "Ultimaker 3" | - | - |
Safe
|