Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access customers duplicates list

Summary An authenticated and unauthorized user can access the list of potential duplicate users and see their data. Details Permissions do not seem to be enforced when reaching the /admin/customermanagementframework/duplicates/list endpoint allowing an authenticated user without the permissions t...