SQL Injection Vulnerability in HCL Aftermarket DPC
CVE-2025-55262

8.3HIGH

Key Information:

Vendor: HCL Software
Status: Aftermarket Dpc
Vendor: CVE Published:; 26 March 2026

🔔 Create HCL Software Vulnerability Alert

What is CVE-2025-55262?

The HCL Aftermarket DPC is vulnerable to SQL Injection, enabling attackers to manipulate database queries and potentially gain unauthorized access to sensitive information. This exploit can compromise the integrity and confidentiality of stored data, posing serious risks to organizations relying on this software. Proper validation and sanitization of user inputs are critical in mitigating the risks associated with this vulnerability.

Affected Version(s)

Aftermarket DPC version 1.0.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

8.3

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2026
Vulnerability Reserved
Aug 12, 2025

CVE-2025-55262 Data

JSON