Cyber Posture

CVE-2025-55271

Low

Published: 26 March 2026

Modified: 26 March 2026
CVSS Score: 3.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N)
EPSS Score: 0.0002 (6.4th percentile)
Risk Priority: 6 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-55271 is a low-severity HTTP Request/Response Splitting (CWE-113) vulnerability in Hcltech Aftermarket Cloud. Its CVSS base score is 3.1 (Low).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 6.4th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190).
What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent

SI-10 enforces validation of user inputs to block CRLF injections that enable HTTP response splitting in HCL Aftermarket DPC.

prevent

SI-15 filters information outputs to neutralize split responses and prevent injection of harmful content or arbitrary commands.

prevent, recover

SI-2 remediates the specific flaw in HCL Aftermarket DPC responsible for improper HTTP response handling, preventing exploitation.
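
How the SI-10 and SI-15 checks fit together for CWE-113, as an added example that is not HCL's code or part of the advisory: the advisory does not disclose the affected parameter, so a redirect that copies a request parameter into a `Location` header is assumed here, and all function names and sample inputs are hypothetical.

```python
import re
from urllib.parse import unquote

_FORBIDDEN = re.compile(r"[\r\n\x00]")                # line terminators and NUL
_TOKEN = re.compile(r"[A-Za-z0-9!#$%&'*+.^_`|~-]+")   # RFC 9110 header-name token

class HeaderInjectionError(ValueError):
    """Raised when a header-bound value could split the response."""

def validate_input(value: str, max_rounds: int = 3) -> str:
    """SI-10 style check: reject CR/LF/NUL, raw or percent-encoded (nested too)."""
    current = value
    for _ in range(max_rounds + 1):
        if _FORBIDDEN.search(current):
            raise HeaderInjectionError("CR/LF/NUL in header-bound input")
        decoded = unquote(current)
        if decoded == current:       # fully decoded and clean
            return value             # hand back the original, still-encoded form
        current = decoded
    raise HeaderInjectionError("still encoded after decode limit")

def emit_header(name: str, value: str) -> bytes:
    """SI-15 style check: last gate where the header line is serialized."""
    if not _TOKEN.fullmatch(name) or _FORBIDDEN.search(value):
        raise HeaderInjectionError("unsafe header name or value")
    return f"{name}: {value}\r\n".encode("latin-1")

def redirect_unsafe(next_param: str) -> bytes:
    """Vulnerable pattern: decoded input concatenated straight into a header."""
    head = "HTTP/1.1 302 Found\r\nLocation: " + unquote(next_param) + "\r\n\r\n"
    return head.encode("latin-1")

def redirect_safe(next_param: str) -> bytes:
    """Hardened pattern: validate on input, re-check on output."""
    value = validate_input(next_param)
    return b"HTTP/1.1 302 Found\r\n" + emit_header("Location", value) + b"\r\n"

def header_lines(response: bytes) -> list:
    """Header-section lines as a downstream parser would see them."""
    return response.split(b"\r\n\r\n", 1)[0].split(b"\r\n")

# Constructed sample inputs (not taken from the advisory).
BENIGN = "/account?tab=orders"
SPLIT = "/home%0d%0aX-Constructed-Marker: 1"
NESTED = "/home%250d%250aX-Constructed-Marker: 1"

if __name__ == "__main__":
    print(len(header_lines(redirect_unsafe(SPLIT))))  # 3: an extra header line appears
    print(header_lines(redirect_safe(BENIGN)))
```

The output-side check in `emit_header` is deliberately independent of `validate_input`, so a code path that skips input validation still cannot serialize a split header.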

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

Direct remote exploitation of a public-facing web application via HTTP response splitting (CWE-113).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

HCL Aftermarket DPC is affected by an HTTP Response Splitting vulnerability wherein, depending on how the web application handles the split response, an attacker may be able to execute arbitrary commands or inject harmful content into the response.

Deeper analysis

CVE-2025-55271 is an HTTP Response Splitting vulnerability (CWE-113) affecting HCL Aftermarket DPC. Published on 2026-03-26T13:16:26.567, it has a CVSS v3.1 base score of 3.1 (AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N), indicating low severity with network accessibility but high attack complexity, no privileges required, and user interaction needed.

An unauthenticated remote attacker can exploit this vulnerability over the network by inducing response splitting. Depending on how the affected web application processes the split response, the attacker may execute arbitrary commands or inject harmful content, potentially leading to low-impact confidentiality disclosure.

The HCL support knowledge base article at https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129793 provides details on mitigation and related advisories for this vulnerability.

Details

CWE(s)

Affected Products

Vendor: hcltech
Product: aftermarket cloud
Version: 1.0.0

CVEs Like This One

CVE-2025-55262 - Same product: Hcltech Aftermarket Cloud
CVE-2025-55267 - Same product: Hcltech Aftermarket Cloud
CVE-2025-55270 - Same product: Hcltech Aftermarket Cloud
CVE-2025-55261 - Same product: Hcltech Aftermarket Cloud
CVE-2025-55275 - Same product: Hcltech Aftermarket Cloud
CVE-2025-55265 - Same product: Hcltech Aftermarket Cloud
CVE-2025-55269 - Same product: Hcltech Aftermarket Cloud
CVE-2025-55263 - Same product: Hcltech Aftermarket Cloud
CVE-2025-52628 - Same vendor: Hcltech
CVE-2025-31958 - Same vendor: Hcltech
