CVE-2025-55271

LOW

3.1

Description

HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability where in depending on how the web application handles the split response, an attacker may be able to execute arbitrary commands or inject harmful content into the response..

Details CVE

Score CVSS v3.13.1

SeveriteLOW

Vecteur CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Vecteur d'attaqueNETWORK

ComplexiteHIGH

Privileges requisNONE

Interaction utilisateurREQUIRED

Publie3/26/2026

Derniere modification3/26/2026

Sourcenvd

Observations honeypot0

Produits affectes

hcltech:aftermarket_cloud

Faiblesses (CWE)

CWE-113

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793(psirt@hcl.com)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.