CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-34087

In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver can be used for clickjacking. This includes the settings page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.6%

CVSS Severity

CVSS v3 Score 7.1

CVSS v2 Score 6.8

References

https://kth.diva-portal.org/smash/get/diva2:1623489/FULLTEXT01.pdf
https://ultimaker.com/3d-printers/ultimaker-s3
https://ultimaker.com/3d-printers/ultimaker-s5
https://kth.diva-portal.org/smash/get/diva2:1623489/FULLTEXT01.pdf
https://ultimaker.com/3d-printers/ultimaker-s3
https://ultimaker.com/3d-printers/ultimaker-s5

Products affected by CVE-2021-34087

Ultimaker » Ultimaker 3 » Version: N/A

cpe:2.3:h:ultimaker:ultimaker_3:-
Ultimaker » Ultimaker S3 » Version: N/A

cpe:2.3:h:ultimaker:ultimaker_s3:-
Ultimaker » Ultimaker S5 » Version: N/A

cpe:2.3:h:ultimaker:ultimaker_s5:-
Ultimaker » Ultimaker 3 Firmware » Version: 5.2.16

cpe:2.3:o:ultimaker:ultimaker_3_firmware:5.2.16
Ultimaker » Ultimaker S3 Firmware » Version: 6.3

cpe:2.3:o:ultimaker:ultimaker_s3_firmware:6.3
Ultimaker » Ultimaker S5 Firmware » Version: 6.3

cpe:2.3:o:ultimaker:ultimaker_s5_firmware:6.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-34087

Products

Pricing

Contact Us