Primary

Context

C-DAC e-Sushrut Cryptographic Failure Vulnerability Allowing Unauthorized Access to Sensitive Information

Vulnerability

A vulnerability in C-DAC's e-Sushrut Hospital Management Information System (HMIS) arises from the use of reversible Base64 encoding to protect sensitive data. This flaw allows authenticated attackers to decode and manipulate Base64-encoded parameters in the request URL, potentially gaining unauthorized access to sensitive information on the targeted system.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information, with potential implications for patient privacy and data security.

Remediation

Contact C-DAC to upgrade e-Sushrut HMIS to the latest version.

Added: Apr 29, 2026, 9:18 AM

Updated: Apr 29, 2026, 9:18 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

7.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

7.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

C-DAC e-Sushrut Cryptographic Failure Vulnerability Allowing Unauthorized Access to Sensitive Information

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating