CVE-2025-55266

Summary

HCL Aftermarket DPC is affected by Session Fixation which allows attacker to takeover the user's session and use it carry out unauthorized transaction behalf of the user.

Affected Software

VendorProductVersion RangeStatus
HCLAftermarket DPCversion 1.0.0affected

Weaknesses

  • CWE-384: CWE-384: Session Fixation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References