| |
Vulnerability CVE-2022-3229
Published: 2023-02-06 Modified: 2023-02-07
| Description: |
Because the web management interface for Unified Intents' Unified Remote solution does not itself require authentication, a remote, unauthenticated attacker can change or disable authentication requirements for the Unified Remote protocol, and leverage this now-unauthenticated access to run code of the attacker's choosing. |
References: |
https://github.com/rapid7/metasploit-framework/pull/16989
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
