Primary

Context

Schweitzer Engineering Laboratories Blueframe Software Vulnerability Allowing Unauthorized Username Modifications

Vulnerability

Patched

A vulnerability exists in the Blueframe software suite by Schweitzer Engineering Laboratories, specifically within the Blueframe OS version 1.12.0 and several applications and extensions that are part of the Blueframe ecosystem. This vulnerability allows an authenticated administrator to alter the 'Created By' username associated with a user account, potentially leading to unauthorized changes in user account management and oversight.

Impact

Exploitation of this vulnerability could result in unauthorized modifications of user account details, specifically the 'Created By' username, which could be misused for account management and oversight purposes.

Remediation

Users can update to Blueframe OS version 1.13.0 or later, where this vulnerability has been addressed. For details on the update process, refer to the Blueframe OS release notes.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

0.6

exploitability

2.8

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

0.6

exploitability

2.8

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Schweitzer Engineering Laboratories Blueframe Software Vulnerability Allowing Unauthorized Username Modifications

Vulnerability

Impact

Remediation

Affected Products

SEL-5030

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating