What is CVE-2025-55270?

CVE-2025-55270 is a low-severity vulnerability in Hcl Aftermarket Dpc, classified under Improper Input Validation. CVSS score: 3.5/10. Published 2026-03-26.

How severe is CVE-2025-55270?

Low severity. CVSS v3 base score is 3.5 out of 10.

Improper input validation in Hcl Aftermarket Dpc

CVE-2025-55270

HCL Aftermarket DPC is affected by Improper Input Validation which allows an attacker to inject executable code and can carry out attacks such as XSS, SQL Injection, Command Injection etc.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.000 (6.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.5 (Low). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N.

Affected products

Hcl Aftermarket Dpc — versions version 1.0.0

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

support.hcl-software.com/csm

Frequently asked questions

What is CVE-2025-55270?: CVE-2025-55270 is a low-severity vulnerability in Hcl Aftermarket Dpc, classified under Improper Input Validation. CVSS score: 3.5/10. Published 2026-03-26.
How severe is CVE-2025-55270?: Low severity. CVSS v3 base score is 3.5 out of 10.