CVE-2024-4843 Information

Description

ePO doesn’t allow a regular privileged user to delete tasks or assignments. Insecure direct object references that allow a least privileged user to manipulate the client task and client task assignments hence escalating his/her privilege.

Reference

https://thrive.trellix.com/s/article/000013505