Skip to main content

Aftermarket Dpc CVE-2025-55276

| EUVDEUVD-2025-209075 LOW
Information Exposure (CWE-200)
2026-03-26 HCL GHSA-q4hc-p4wf-w7g4
3.1
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
3.1 LOW
AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

3
EUVD ID Assigned
Mar 26, 2026 - 13:15 euvd
EUVD-2025-209075
Analysis Generated
Mar 26, 2026 - 13:15 vuln.today
CVE Published
Mar 26, 2026 - 12:46 nvd
LOW 3.1

DescriptionCVE.org

HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability will give attackers a clearer map of the organization’s network layout.

AnalysisAI

HCL Aftermarket DPC version 1.0.0 discloses internal IP addresses to unauthenticated remote attackers via a high-complexity attack vector requiring user interaction, enabling network reconnaissance but causing no direct confidentiality, integrity, or availability impact. No public exploit code has been identified; CISA has not flagged this vulnerability as actively exploited. While the CVSS score of 3.1 (low) reflects minimal immediate risk, the information disclosure enables attackers to map organizational network topology for follow-on attacks.

Technical ContextAI

HCL Aftermarket DPC is a product suite (cpe:2.3:a:hcl:aftermarket_dpc:*:*:*:*:*:*:*:*) affected by an Internal IP Disclosure vulnerability classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). The root cause involves improper handling of network information that allows internal IP addresses to be exposed through the application's network interfaces or logging mechanisms. This is a passive information disclosure flaw-the vulnerability itself does not modify data or deny service, but rather leaks structural details of the target organization's infrastructure that would normally remain hidden behind firewalls and NAT boundaries. The exposure occurs in a context requiring network access (AV:N) and high attack complexity (AC:H) combined with user interaction (UI:R), suggesting the vulnerability may be triggered through a phishing or social engineering vector or via conditional logic in the application itself.

RemediationAI

Upgrade HCL Aftermarket DPC to a patched version released after 1.0.0, following the guidance in the HCL security advisory at https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793. If immediate patching is not feasible, implement compensating controls: restrict network access to the Aftermarket DPC application via firewall rules limiting ingress to trusted administrative ranges, deploy a reverse proxy with request filtering to block requests that trigger the IP disclosure condition, enforce HSTS and Content-Security-Policy headers to reduce user-interaction attack surface, and conduct internal network scanning to verify no internal IP ranges are exposed via the application's error pages or logs. Monitor access logs for anomalous patterns consistent with reconnaissance (repeated requests to different endpoints, error-condition probing). Validate the patch installation by re-testing the conditions described in the advisory to confirm IP disclosure no longer occurs.

CVE-2025-55262 HIGH
8.3 Mar 26

SQL injection in HCL Aftermarket DPC version 1.0.0 enables unauthenticated remote attackers to extract sensitive databas

CVE-2025-55261 HIGH
8.1 Mar 26

Missing functional level access control in HCL Aftermarket DPC version 1.0.0 enables privilege escalation attacks that c

CVE-2025-55263 HIGH
7.3 Mar 26

Hardcoded credentials in HCL Aftermarket DPC version 1.0.0 enable authenticated low-privilege attackers with user intera

CVE-2025-55265 MEDIUM
6.5 Mar 26

HCL Aftermarket DPC version 1.0.0 is vulnerable to unauthenticated file discovery that allows remote attackers to read s

CVE-2025-55266 MEDIUM
5.9 Mar 26

HCL Aftermarket DPC versions up to 1.0.0 are vulnerable to session fixation attacks that enable attackers to hijack user

CVE-2025-55267 MEDIUM
5.7 Mar 26

HCL Aftermarket DPC versions prior to and including 1.0.0 suffer from an unrestricted file upload vulnerability (CWE-434

CVE-2025-55264 MEDIUM
5.5 Mar 26

Session invalidation failure in HCL Aftermarket DPC versions up to 1.0.0 allows authenticated attackers to maintain acti

CVE-2025-55268 MEDIUM
4.3 Mar 26

HCL Aftermarket DPC version 1.0.0 is vulnerable to excessive spamming that consumes server bandwidth and processing reso

CVE-2025-55273 MEDIUM
4.3 Mar 26

HCL Aftermarket DPC is vulnerable to Cross Domain Script Include (CWE-829) that permits unauthenticated remote attackers

CVE-2025-55269 MEDIUM
4.2 Mar 26

HCL Aftermarket DPC version 1.0.0 enforces weak password policies that enable attackers to conduct brute-force attacks a

CVE-2025-55275 LOW
3.7 Mar 26

HCL Aftermarket DPC versions up to 1.0.0 contain an admin session concurrency vulnerability that allows authenticated at

CVE-2025-55270 LOW
3.5 Mar 26

HCL Aftermarket DPC version 1.0.0 contains improper input validation (CWE-20) that enables multiple injection attack vec

Share

CVE-2025-55276 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy