Vulnerability Details CVE-2025-55264
HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change will allow attacker to access to a session, then they can maintain control over the account despite the password change leading to account takeover.
Exploit prediction scoring system (EPSS) score
CVSS Severity
CVSS v3 Score 5.5
Products affected by CVE-2025-55264
-
cpe:2.3:a:hcltech:aftermarket_cloud:1.0.0