Improper Input Validation in HCL Aftermarket DPC
CVE-2025-55270

3.5LOW

Key Information:

Vendor: HCL Software
Status: Aftermarket Dpc
Vendor: CVE Published:; 26 March 2026

🔔 Create HCL Software Vulnerability Alert

What is CVE-2025-55270?

HCL Aftermarket DPC is susceptible to improper input validation, which could allow malicious actors to inject executable code. This vulnerability could lead to critical security risks, enabling attackers to perform various exploitations such as Cross-Site Scripting (XSS), SQL Injection, and Command Injection, compromising the integrity and confidentiality of the system.

Affected Version(s)

Aftermarket DPC version 1.0.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2026
Vulnerability Reserved
Aug 12, 2025

CVE-2025-55270 Data

JSON