PT-2022-10321 · Ultimaker · Ultimaker S5+1
Published
2022-01-10
·
Updated
2022-01-14
·
CVE-2021-34087
CVSS v3.1
7.1
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Ultimaker S3 3D printer versions prior to 6.3
Ultimaker S5 3D printer versions prior to 6.3
Ultimaker 3 3D printer S-line versions prior to 6.3
Ultimaker 3 3D printer versions prior to 5.2.16
Description
The issue allows the local webserver to be used for clickjacking, which includes the settings page.
Recommendations
For Ultimaker S3 3D printer versions prior to 6.3, update to version 6.3 or later.
For Ultimaker S5 3D printer versions prior to 6.3, update to version 6.3 or later.
For Ultimaker 3 3D printer S-line versions prior to 6.3, update to version 6.3 or later.
For Ultimaker 3 3D printer versions prior to 5.2.16, update to version 5.2.16 or later.
Fix
Clickjacking
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ultimaker S3
Ultimaker S5