Vulnerability Details CVE-2025-55264
HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change will allow attacker to access to a session, then they can maintain control over the account despite the password change leading to account takeover.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.8%
CVSS Severity
CVSS v3 Score 5.5
Products affected by CVE-2025-55264
-
cpe:2.3:a:hcltech:aftermarket_cloud:1.0.0