C-DAC e-Sushrut Improper Authentication Vulnerability Allowing Authentication Bypass

Vulnerability

An authentication bypass vulnerability has been identified in the C-DAC e-Sushrut Hospital Management Information System (HMIS). This issue arises from improper authentication logic that depends on client-side response parameters to assess authentication status. A remote attacker could exploit this vulnerability by intercepting and altering the server response, thereby bypassing authentication and gaining unauthorized access to user accounts on the system.
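The flaw class described above, shown as an added illustration; this is not e-Sushrut code and is not taken from the advisory. It contrasts an access decision driven by a status value the client can rewrite with one driven only by server-side session state. All names, the sample account and the status values are hypothetical and constructed for the example.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: one hypothetical account, stored as a salted hash.
_SALT = secrets.token_bytes(16)

def _hash(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)

USERS = {"nurse01": _hash("correct horse")}
SESSIONS = {}  # session id -> username; lives only on the server

def login(username: str, password: str):
    """Verify credentials; return (response_body, session_id or None)."""
    candidate = _hash(password)          # always hash, even for unknown users
    stored = USERS.get(username)
    if stored is None or not hmac.compare_digest(stored, candidate):
        return {"status": "fail"}, None  # no session is created on failure
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = username
    return {"status": "success"}, sid

def weak_access_check(status_seen_by_client: str) -> int:
    """Weak pattern: access follows a status value the client can rewrite."""
    return 200 if status_seen_by_client == "success" else 401

def hardened_access_check(session_id) -> int:
    """Hardened pattern: access follows server-side session state only."""
    return 200 if session_id in SESSIONS else 401

def regression_check() -> dict:
    """Failed login, then a response rewritten in transit to 'success'."""
    body, sid = login("nurse01", "wrong password")
    tampered = dict(body, status="success")   # what the client now sees
    return {
        "weak": weak_access_check(tampered["status"]),
        "hardened": hardened_access_check(sid),
    }

if __name__ == "__main__":
    print(regression_check())
```

A check like `regression_check` can be kept as a regression test: the hardened path must return 401 whenever no server-side session exists, whatever the response body says.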

Impact

Exploitation of this vulnerability could lead to unauthorized access to user accounts, allowing attackers to view or manipulate sensitive information.

Remediation

Contact C-DAC to upgrade e-Sushrut HMIS to the latest version.

Added: Apr 29, 2026, 9:22 AM
Updated: Apr 29, 2026, 9:22 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 1.3
exploitability: 6.0
remediation: 0.0
relevance: 7.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.