9.8
CVE-2025-55269
- EPSS 0.02%
- Veröffentlicht 26.03.2026 13:00:31
- Zuletzt bearbeitet 26.03.2026 20:33:42
- Quelle psirt@hcl.com
- CVE-Watchlists
- Unerledigt
LoginHCL Aftermarket DPC is affected by Weak Password Policy vulnerability
HCL Aftermarket DPC is affected by Weak Password Policy vulnerability, which makes it easier for attackers to guess weak passwords or use brute-force techniques to gain unauthorized access to user accounts.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hcltech ≫ Aftermarket Cloud Version1.0.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.056 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| psirt@hcl.com | 4.2 | 1.6 | 2.5 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L
|
CWE-521 Weak Password Requirements
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.