VYPR
Unrated severityNVD Advisory· Published Mar 26, 2026· Updated Mar 26, 2026

HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change

CVE-2025-55264

Description

HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change will allow attacker to access to a session, then they can maintain control over the account despite the password change leading to account takeover.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.