HTTP Response Splitting Vulnerability in HCL Aftermarket DPC
CVE-2025-55271

3.1LOW

Key Information:

Vendor: HCL Software
Status: Aftermarket Dpc
Vendor: CVE Published:; 26 March 2026

🔔 Create HCL Software Vulnerability Alert

What is CVE-2025-55271?

The HCL Aftermarket DPC is affected by an HTTP Response Splitting vulnerability that could allow an attacker to manipulate the way a web application processes and responds to HTTP requests. Exploiting this vulnerability may enable attackers to execute arbitrary commands or inject malicious content into server responses, posing significant risks to data integrity and user security.

Affected Version(s)

Aftermarket DPC version 1.0.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2026
Vulnerability Reserved
Aug 12, 2025

CVE-2025-55271 Data

JSON