CVE-2025-55270

LOW

HCL Aftermarket DPC is affected by Improper Input Validation

Title source: cna
STIX 2.1

Description

HCL Aftermarket DPC is affected by Improper Input Validation which allows an attacker to inject executable code and can carry out attacks such as XSS, SQL Injection, Command Injection etc.

References (1)

Core 1

Scores

CVSS v3 3.5
EPSS 0.0002
EPSS Percentile 5.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-20
Status published
Products (2)
HCL/Aftermarket DPC version 1.0.0
hcltech/aftermarket_cloud 1.0.0
Published Mar 26, 2026
Tracked Since Mar 26, 2026