HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability

3.1 / 10

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Description

HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability where in depending on how the web application handles the split response, an attacker may be able to execute arbitrary commands or inject harmful content into the response..

Basic Information

ID CVE-2025-55271

Source HCL

Published Mar 26, 2026 at 12:59

Modified Mar 26, 2026 at 15:01

Affected Product

Vendor HCL

Product Aftermarket DPC

Version version 1.0.0

Affected Versions HCL Aftermarket DPC version 1.0.0

CWE Classification

CWE-113

References

support.hcl-software.com /csm

{
    "lastseen": "",
    "description": "HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability where in depending on how the web application handles the split response, an attacker may be able to execute arbitrary commands or inject harmful content into the response..",
    "published": "2026-03-26T12:59:30.264Z",
    "modified": "2026-03-26T15:01:42.798Z",
    "type": "cve",
    "title": "HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability",
    "source": "HCL",
    "references": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793",
    "id": "CVE-2025-55271",
    "bulletinFamily": "",
    "cwe": [
        "CWE-113"
    ],
    "cvelist": null,
    "sourceData": "HCL Aftermarket DPC version 1.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 3.1,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Aftermarket DPC",
    "version": "version 1.0.0",
    "vendor": "HCL",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability_CVE-2025-55271