CVE-2025-48015: Observable Response Discrepancy
3.7
CVSS
Description
Failed login response could be different depending on whether the username was local or central.
Classification
CVE ID: CVE-2025-48015
CVSS Base Severity: LOW
CVSS Base Score: 3.7
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Problem Types
CWE-204 Observable Response DiscrepancyAffected Products
Vendor: Schweitzer Engineering Laboratories
Product: SEL-5056 Software-Defined Network Flow Controller
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 9.2% (scored less or equal to compared to others)
EPSS Date: 2025-06-06 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: none
SSVC Technical Impact: partial
SSVC Automatable: false
References
https://nvd.nist.gov/vuln/detail/CVE-2025-48015https://selinc.com/products/software/latest-software-versions/