Admin UI has a Security Dashboard that requires the 'security-read' permission to view and the 'security-edit' permission to modify.
It will display an error message if the user lacks these permission, based on a match of user's roles and the permission roles. This works fine.
However, if any authenticated user is granted a permission through wildcard role, e.g.
...then the check fails since it does not understand wildcard roles.