Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

User Tracking Utility 2.0 security bug?

Hi all,

From UTU 2.0 Help :

" ..User Tracking Utility (UTU) allows users with Help Desk access to search for users, hosts, or IP Phones

discovered by LMS.."

In reality, every  user  defined  in CP LMS 4.1 can track in  UTU all hosts, phones, users and devices connected to network.  Even user  without any rights in LMS  (with empty User Role assigned to him).

This is serious problem, especially  when Authentication Mode is set to external repository (e.g. MS Active Directory). Users without any permission,  can track network resources.

How can I limit access for UTU?

Any help would be greatly appreciated

Thanks!

262
Views
0
Helpful
0
Replies
CreatePlease to create content