HIGH🇵🇱 Wersja polska

CVE-2025-55263

CVSS 7.3v3.1pub. 2026-03-26

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H
  • Hcltech Aftermarket Cloud

    APP
    Hcltech
    1.0.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-55262HIGH8.3ten sam produkt

HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrie...

CVE-2025-55261HIGH8.1ten sam produkt

HCL Aftermarket DPC is affected by Missing Functional Level Access Control which will allow attacker to escala...

CVE-2025-55265MEDIUM6.5ten sam produkt

HCL Aftermarket DPC is affected by File Discovery which allows attacker could exploit this issue to read sensi...

CVE-2025-55266MEDIUM5.9ten sam produkt

HCL Aftermarket DPC is affected by Session Fixation which allows attacker to takeover the user's session and u...

CVE-2025-55264MEDIUM5.5ten sam produkt

HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change will allow attacker to acc...