CVE-2025-55274 · CVEKit

cve.orgen

370 chars

HCL Aftermarket DPC is affected by Cross-Origin Resource Sharing vulnerability. CORS misconfigurations includes the exposure of sensitive user information to attackers, unauthorized access to APIs, and possible data manipulation or leakage. If an attacker to exploit CORS misconfiguration, they could steal sensitive data, perform actions on behalf of a legitimate user.

NVDen

370 chars

HCL Aftermarket DPC is affected by Cross-Origin Resource Sharing vulnerability. CORS misconfigurations includes the exposure of sensitive user information to attackers, unauthorized access to APIs, and possible data manipulation or leakage. If an attacker to exploit CORS misconfiguration, they could steal sensitive data, perform actions on behalf of a legitimate user.

NVDes

403 chars

HCL Aftermarket DPC está afectado por la vulnerabilidad de Cross-Origin Resource Sharing. Las malas configuraciones de CORS incluyen la exposición de información sensible del usuario a atacantes, acceso no autorizado a APIs y posible manipulación o fuga de datos. Si un atacante explotara una mala configuración de CORS, podrían robar datos sensibles, realizar acciones en nombre de un usuario legítimo.

CVSS metrics across sources

3

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.1	Primary	cve.org	2.6	—	—	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N