CVE-2025-55263

EPSS 0.04%
Veröffentlicht 26.03.2026 13:05:07
Zuletzt bearbeitet 26.03.2026 19:57:13
Quelle psirt@hcl.com
CVE-Watchlists
Login
Unerledigt
Login

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data

HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hcltech ≫ Aftermarket Cloud Version1.0.0

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.119

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
psirt@hcl.com	7.3	2.1	5.2	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-55263

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-55263

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-55263

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-55263