Cisco Bug: CSCsz38845 - Read Only role user, allows write/delete RTMT operations
Nov 13, 2015
- Cisco Unified Communications Manager (CallManager)
Known Affected Releases
Scenario : Read-Only user can cancel pending job Procedure : 1. Create a user with read-only access( Roles to be assigned : Standard CCM Admin Users, Standard Serviceability Read-Only). 2. Login into RTMT with the above user and schedule a job. 3. Try to delete the pending job from Job Status window. Expected Result: The Read-Only user should not be able to delete the pending job. A pop-up should come saying user does'nt have enough rights to delete an active job. Actual Result: The active(pending) job is getting deleted. Symptom: A user who has only Read Only permission could log in to RTMT and cancel a submitted job. Conditions: A user who has only Read Only permission could log in to RTMT and cancel a submitted job.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases