HCL Aftermarket DPC Session Fixation Vulnerability Allowing Unauthorized Transaction Execution

Vulnerability

A session fixation vulnerability has been identified in HCL Aftermarket DPC, version 1.0.0. This vulnerability allows an attacker to take over a user's session and perform unauthorized transactions on behalf of the user.

Impact

Exploitation of this vulnerability could lead to unauthorized transactions being carried out in the user's session.

Added: Mar 26, 2026, 1:36 PM

Updated: Mar 26, 2026, 1:36 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

6.2

remediation

0.0

relevance

4.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

6.2

remediation

0.0

relevance

4.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HCL Aftermarket DPC Session Fixation Vulnerability Allowing Unauthorized Transaction Execution

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating