CVE-2022-3229 Information

Description

Because the web management interface for Unified Intents’ Unified Remote solution does not itself require authentication a remote unauthenticated attacker can change or disable authentication requirements for the Unified Remote protocol and leverage this now-unauthenticated access to run code of the attacker’s choosing.

Reference

https://github.com/rapid7/metasploit-framework/pull/16989