Unrated severityNVD Advisory· Published Mar 26, 2026· Updated Mar 26, 2026
HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change
CVE-2025-55264
Description
HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change will allow attacker to access to a session, then they can maintain control over the account despite the password change leading to account takeover.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: version 1.0.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.