← Back
2026-03-26 13:7CVE-2025-55262HCL
PUBLISHED5.2CWE-798

HCL Aftermarket DPC is affected by SQL Injection

HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database.

Problem type

Affected products

HCL

Aftermarket DPC

version 1.0.0 - AFFECTED

References

support.hcl-software.com

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793

JSON source

https://cveawg.mitre.org/api/cve/CVE-2025-55262
Click to expand
{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2025-55262",
    "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
    "assignerShortName": "HCL",
    "dateUpdated": "2026-03-26T15:05:41.196Z",
    "dateReserved": "2025-08-12T06:59:56.644Z",
    "datePublished": "2026-03-26T13:07:04.407Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
        "shortName": "HCL",
        "dateUpdated": "2026-03-26T13:07:04.407Z"
      },
      "title": "HCL Aftermarket DPC is affected by SQL Injection",
      "descriptions": [
        {
          "lang": "en",
          "value": "HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database.",
          "supportingMedia": [
            {
              "type": "text/html",
              "base64": false,
              "value": "HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database."
            }
          ]
        }
      ],
      "affected": [
        {
          "vendor": "HCL",
          "product": "Aftermarket DPC",
          "defaultStatus": "unaffected",
          "versions": [
            {
              "version": "version 1.0.0",
              "status": "affected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "CWE-798: Use of Hardcoded Credentials",
              "cweId": "CWE-798",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793"
        }
      ],
      "metrics": [
        {
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ],
          "cvssV3_1": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "REQUIRED",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH"
          }
        }
      ]
    },
    "adp": [
      {
        "providerMetadata": {
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP",
          "dateUpdated": "2026-03-26T15:05:41.196Z"
        },
        "title": "CISA ADP Vulnrichment",
        "metrics": [
          {}
        ]
      }
    ]
  }
}