CVE-2025-55264
HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change
HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change will allow attacker to access to a session, then they can maintain control over the account despite the password change leading to account takeover.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Affected products
HCL · Aftermarket DPCWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →