CVE-2025-4674712.05.2025, 17:15An authenticated user without user-management permissions could identify other user accounts.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST5.7 MEDIUMNETWORKLOWLOWCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:NSELCNA5.7 MEDIUMNETWORKLOWLOWCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:NCISA-ADPADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 9%Common Weakness EnumerationCWE-497 - Exposure of Sensitive System Information to an Unauthorized Control SphereThe application does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the application does.Referenceshttps://selinc.com/products/software/latest-software-versions/