CVE-2025-55271
Received Received - Intake

HTTP Response Splitting in HCL Aftermarket DPC Enables Command Injection

Vulnerability report for CVE-2025-55271, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-26

Last updated on: 2026-03-26

Assigner: HCL Software

Description

HCL Aftermarket DPC is affected by HTTP Response Splitting vulnerability where in depending on how the web application handles the split response, an attacker may be able to execute arbitrary commands or inject harmful content into the response..

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-26
Last Modified
2026-03-26
Generated
2026-07-06
AI Q&A
2026-03-26
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
hcltech aftermarket_cloud 1.0.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-113 The product receives data from an HTTP agent/component (e.g., web server, proxy, browser, etc.), but it does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

The vulnerability in HCL Aftermarket DPC is an HTTP Response Splitting issue. This means that depending on how the web application processes the HTTP response, an attacker could manipulate the response by injecting malicious content or executing arbitrary commands.

Impact Analysis

This vulnerability can allow an attacker to inject harmful content into the web application's HTTP response or execute arbitrary commands, potentially leading to security risks such as web cache poisoning, cross-site scripting, or other malicious activities.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-55271. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart