CVE-2025-55261 | THREATINT

Description

HCL Aftermarket DPC is affected by Missing Functional Level Access Control which will allow attacker to escalate his privileges and may compromise the application and may steal and manipulate the data.

PUBLISHED Reserved 2025-08-12 | Published 2026-03-26 | Updated 2026-03-26 | Assigner HCL

HIGH: 8.1CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Problem types

CWE-284: Improper Access Control.

Product status

Default status

unaffected

version 1.0.0

affected

References

support.hcl-software.com/...rticle&sysparm_article=KB0129793

cve.org (CVE-2025-55261)

nvd.nist.gov (CVE-2025-55261)

Download JSON