All bulk actions (bulk-edit / bulk-delete / form info) in asset models do not have access control checks
1: Grant view to Asset Models
2: UI for bulk-edit and bulk-delete is still enabled, proceed.
3: You may bulk-delete / edit any asset model
This vulnerability is capable of viewing / editing / delete asset model information with DENY permissions,