{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-55263", "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "state": "PUBLISHED", "assignerShortName": "HCL", "dateReserved": "2025-08-12T06:59:56.644Z", "datePublished": "2026-03-26T13:05:07.172Z", "dateUpdated": "2026-03-26T13:05:07.172Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL", "dateUpdated": "2026-03-26T13:05:07.172Z"}, "title": "HCL Aftermarket DPC is affected by Hardcoded Sensitive Data", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-798", "description": "CWE-798: Use of Hardcoded Credentials", "type": "CWE"}]}], "affected": [{"vendor": "HCL", "product": "Aftermarket DPC", "versions": [{"status": "affected", "version": "version 1.0.0"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets."}]}], "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets."}], "id": "CVE-2025-55263", "lastModified": "2026-03-26T14:16:08.007", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.2, "source": "psirt@hcl.com", "type": "Secondary"}]}, "published": "2026-03-26T14:16:08.007", "references": [{"source": "psirt@hcl.com", "url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793"}], "sourceIdentifier": "psirt@hcl.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "psirt@hcl.com", "type": "Secondary"}]}

{}

{}