{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T11:05:31.209","vulnerabilities":[{"cve":{"id":"CVE-2025-55274","sourceIdentifier":"psirt@hcl.com","published":"2026-03-26T13:16:27.033","lastModified":"2026-03-26T20:19:07.570","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"HCL Aftermarket DPC is affected by Cross-Origin Resource Sharing vulnerability. CORS misconfigurations includes the exposure of sensitive user information to attackers, unauthorized access to APIs, and possible data manipulation or leakage. If an attacker to exploit CORS misconfiguration, they could steal sensitive data, perform actions on behalf of a legitimate user."},{"lang":"es","value":"HCL Aftermarket DPC está afectado por la vulnerabilidad de Cross-Origin Resource Sharing. Las malas configuraciones de CORS incluyen la exposición de información sensible del usuario a atacantes, acceso no autorizado a APIs y posible manipulación o fuga de datos. Si un atacante explotara una mala configuración de CORS, podrían robar datos sensibles, realizar acciones en nombre de un usuario legítimo."}],"metrics":{"cvssMetricV31":[{"source":"psirt@hcl.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N","baseScore":2.6,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"psirt@hcl.com","type":"Secondary","description":[{"lang":"en","value":"CWE-942"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:aftermarket_cloud:1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C71E5E64-ED4C-4763-8A74-5F9DDCFD13DA"}]}]}],"references":[{"url":"https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793","source":"psirt@hcl.com","tags":["Vendor Advisory"]}]}}]}