------------------------------------------------------------------
1. Summary:
Unidesk management appliance is prone to a forceful browsing vulnerability that
allows an attacker access to administrator resources.
------------------------------------------------------------------
2. Description:
The "ReportingService" of the web services does not check for session
credentials to access reports about the Virtual Desktop Infrastructure
environment.
These reports provides information such as:
* Applications installed
* CachePoint appliance information
* Desktop names
* Domain usernames
* Operating systems installed
An attacker may gain access to the reports by directly pointing to the
following URL:
/Uni.Web/Reporting/Default.aspx
------------------------------------------------------------------
3. Impact:
This issue can be exploited to access sensitive information that may lead to
further attacks.
------------------------------------------------------------------
4. Affected Products:
Unidesk Management Console version 1.3.0 and prior.
------------------------------------------------------------------
5. Solution: Upgrade to version 1.4.0
------------------------------------------------------------------
6. Time Table:
3/17/2011 Reported Vulnerability to the Vendor
3/25/2011 Vendor Acknowledge Vulnerability, fix will be addressed in the 1.4.0
release
------------------------------------------------------------------
7. Credits:
Discovered by Nathan Power
www.securitypentest.com
------------------------------------------------------------------
