Security Vulnerability Report
CVE-2025-55277 CVSS 2.6 LOW

Published: 2026-03-26 13:16:27
Last Modified: 2026-03-26 20:23:31

Description

HCL Aftermarket DPC is affected by a Use of Vulnerable/Outdated Versions vulnerability, which an attacker may leverage by using exploits available across the internet to craft attacks against the application.

CVSS Details

CVSS Score: 2.6
Severity: LOW
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:hcltech:aftermarket_cloud:1.0.0:*:*:*:*:*:*:* - VULNERABLE
HCL Aftermarket DPC (see the vendor advisory for the specific affected versions)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests


def check_vulnerable_component(target_url):
    """
    Proof of Concept: Check for signs of outdated components in HCL Aftermarket DPC.
    """
    try:
        response = requests.get(target_url, timeout=10)
        headers = response.headers
        content = response.text

        # Example check: Look for specific version markers in headers or body
        print(f"[*] Checking {target_url}...")
        if 'X-Powered-By' in headers:
            print(f"[+] X-Powered-By: {headers['X-Powered-By']}")

        # Logic to detect specific vulnerable version strings would be implemented here
        if "specific_vulnerable_fingerprint" in content:
            print("[!] Potential vulnerability detected!")
        else:
            print("[-] Vulnerable fingerprint not found.")
    except Exception as e:
        print(f"[Error] {e}")


# check_vulnerable_component("http://example.com")

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793 (Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-55277", "sourceIdentifier": "[email protected]", "published": "2026-03-26T13:16:27.487", "lastModified": "2026-03-26T20:23:30.913", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which an attacker may make use of the exploits available across the internet and craft attacks against the application."}, {"lang": "es", "value": "HCL Aftermarket DPC se ve afectado por la vulnerabilidad de Uso de Versiones Vulnerables/Anticuadas, mediante la cual un atacante podría aprovechar los exploits disponibles en internet y diseñar ataques contra la aplicación."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", "baseScore": 2.6, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.2, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 2.5}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-1104"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:hcltech:aftermarket_cloud:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"C71E5E64-ED4C-4763-8A74-5F9DDCFD13DA"}]}]}], "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}