CVE-2024-4843

Publication date

2024-05-16 06:04:05

Family

trellix

State

PUBLISHED

Description

ePO doesnt allow a regular privileged user to delete tasks or assignments. Insecure direct object references that allow a least privileged user to manipulate the client task and client task assignments, hence escalating his/her privilege.