CVE-2025-55272— HCL Aftermarket DPC is affected by Banner Disclosure vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-55272
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HCL Aftermarket DPC is affected by Banner Disclosure vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
HCL Aftermarket DPC is affected by Banner Disclosure vulnerability where attackers gain insights into the system’s software and version details which would allow them to craft software specific attacks.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
信息暴露
Source: NVD (National Vulnerability Database)
Vulnerability Title
HCL Aftermarket DPC 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
HCL Aftermarket DPC是印度HCL公司的一个数字化备件与售后服务管理平台。 HCL Aftermarket DPC存在安全漏洞,该漏洞源于横幅披露,可能导致攻击者获取系统软件和版本详情,从而实施针对特定软件的攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| HCL | Aftermarket DPC | version 1.0.0 | - |
II. Public POCs for CVE-2025-55272
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-55272
Please Login to view more intelligence information
Same Patch Batch · HCL · 2026-03-26 · 17 CVEs total
| CVE-2025-55262 | 8.3 HIGH | HCL Aftermarket DPC is affected by SQL Injection |
| CVE-2025-55261 | 8.1 HIGH | HCL Aftermarket DPC is affected by Missing Functional Level Access Control |
| CVE-2025-55263 | 7.3 HIGH | HCL Aftermarket DPC is affected by Hardcoded Sensitive Data |
| CVE-2025-55265 | 6.5 MEDIUM | HCL Aftermarket DPC is affected by File Discovery |
| CVE-2025-55266 | 5.9 MEDIUM | HCL Aftermarket DPC is affected by Session Fixation |
| CVE-2025-55267 | 5.7 MEDIUM | HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability |
| CVE-2025-55264 | 5.5 MEDIUM | HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change |
| CVE-2025-55273 | 4.3 MEDIUM | HCL Aftermarket DPC is affected by Cross Domain Script Include vulnerability |
| CVE-2025-55268 | 4.3 MEDIUM | HCL Aftermarket DPC is affected by Spamming Vulnerability |
| CVE-2025-55269 | 4.2 MEDIUM | HCL Aftermarket DPC is affected by Weak Password Policy vulnerability |
| CVE-2025-55275 | 3.7 LOW | HCL Aftermarket DPC is affected by Admin Session Concurrency vulnerability |
| CVE-2025-55270 | 3.5 LOW | HCL Aftermarket DPC is affected by Improper Input Validation |
| CVE-2025-55276 | 3.1 LOW | HCL Aftermarket DPC is affected by Internal IP Disclosure vulnerability |
| CVE-2025-55271 | 3.1 LOW | HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability |
| CVE-2025-55274 | 2.6 LOW | HCL Aftermarket DPC is affected by Cross-Origin Resource Sharing vulnerability |
| CVE-2025-55277 | 2.6 LOW | HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability |
IV. Related Vulnerabilities
Same product: Aftermarket DPC
- CVE-2025-55261
HCL Aftermarket DPC is affected by Missing Functional Level - CVE-2025-55262
HCL Aftermarket DPC is affected by SQL Injection - CVE-2025-55263
HCL Aftermarket DPC is affected by Hardcoded Sensitive Data - CVE-2025-55264
HCL Aftermarket DPC is affected by Failure to Invalidate Ses - CVE-2025-55265
HCL Aftermarket DPC is affected by File Discovery
Same vendor: HCL
- CVE-2024-30151
HCL BigFix Service Management (SM) is susceptible to Broken - CVE-2025-31960
HCL BigFix Service Management (SM) is vulnerable to informat - CVE-2025-31975
HCL BigFix Service Management (SM) is affected by an Informa - CVE-2025-52613
HCL BigFix Service Management (SM) is affected by use of a v - CVE-2025-31984
HCL BigFix Service Management (SM) is affected by a security
Same weakness: CWE-200
- CVE-2026-42456
AnythingLLM: Cross-User TTS Audio Disclosure via Chat ID (ID - CVE-2026-41520
Cillium exposes sensitive information included in the cilium - CVE-2026-25199
Apache CloudStack: Proxmox Extension Allows Unauthorized Cro - CVE-2026-43942
electerm: Full process.env exposed to renderer via window.pr - CVE-2026-42880
ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Ext
V. Comments for CVE-2025-55272
No comments yet