[cisco-voip] Access restrictions AXL/SOAP CCM4.2
Dietmar
db7td at gmx.de
Wed Oct 10 15:22:10 EDT 2007
Solution:
This is a known bug (CSCsc59620) that has been fixed in 4.2(1). Setting the
system parameter "Enable AXL Access Levels" to TRUE denies unauthorized
access to AXL. The default is, for whatever reason, FALSE!
Dietmar
On Wednesday 10 October 2007 03:22:13 Charles Ragan, Jr. wrote:
> Nope - it's true. With 4.2 and later you can restrict using MLA.
>
> With previous versions of CM, we chose to restrict what ip address space
> could access the soap/axl interface within IIS.
>
> Charles
>
> Dietmar <db7td at gmx.de> wrote:
> Hi all,
>
> while playing a little with the AXL/SOAP interface of CCM 4.2, I realized
> that every authenticated user is able to read and modify (!) ALL settings,
> even these of phones/lines that are not assigned to that user.
>
> I would have expected that a user can only modify his own settings with the
> AXL/SOAP interface. Hopefully, this is true and someone has an idea what is
> wrong with my CCM settings ;-). Any hints?
>
>
> Thanks,
> Dietmar
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
>
> Charles Ragan Jr., Technology Consultant
> Principal Consultant - CCIE #1764
> Cell Phone - 336-442-4361
> http://www.geocities.com/ciscojock2002/
More information about the cisco-voip
mailing list