Unity Connection Voicemail users can log into Administration page
I am running Unity Connection 1.2(1). Traditionally, I have blocked all client access to Unity Connection. I would like to start piloting some PCA and IMAP access to some clients, but I'm running into some potential security concerns.
Due to the PCA requiring HTTPS access to the server, the Unity Connection Administration login web page is now available to clients as well. If they slightly change the URL I provide to gain access to the PCA login page they can get the Administration login page. That's not the problem so much as the fact that a standard voicemail user is able to log into the Administration web page! Once they are logged in most items are not accessible to them and say 'Not Authorized' if they are clicked on, but the reports are fully accessible and a standard voicemail user can run any report on the server.
As some additional info, voicemail users do not have any 'Roles' assigned to them.
My question is: Is there a way to restrict access to the Administration page so that ALL items are inaccessible to standard voicemail users? I do not want my voicemail users to be able to run any reports at all. It would be better if they could not log into the Administration page in the first place and I see this as a serious design flaw in Unity Connection if it cannot be fixed easily.
Any help on this issue would be greatly appreciated.
Just to add to the response a bit, the reports (and everything else under Cisco Unity Connection Serviceability) in version 2.1 and above are inaccessible -- it doesn't even allow such users to log in to the Serviceability interface.
Right, in 2.1 and above the Reports are under Serviceability. Serviceability is not accessible even for viewing. So while users can still log into the System Administration interface and see the page links, there is no link to access Reports from there.
The 2021 IT Blog Awards, hosted by Cisco, is now open for submissions. Submit your blog, vlog or podcast by Friday, December 3.
To learn what's new in this year's competition or to gain insights into the judging considerations, check out t...
Greetings, Wanted to share a few lessons learned while migrating from a distributed to centralized IMP deployment. Our current setup included many CUCM/IMP distributed clusters with centralized Expressway server for MRA login. We did not wish to perf...
Parsec's Cisco UCCE/PCCE CC Connector application for CRM works as a bridge between the CRM and Cisco UCCE/PCCE CC solution.The CRM can be any cloud based CRM like Salesforce (SFDC), ServiceNow ,MS Dynamics or a 3rd party CRM.The CRM user/Agent will have ...
It’s a feature which allows CUCM to determine whether the phone is in its home location or a roaming station.By enabling this feature users can roam from one site to another site and acquire the site-specific settings such as Codecs, MRGL, Call rout...