漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Information Disclosure Vulnerability in e-Sushrut HMIS
Vulnerability Description
This vulnerability exists in e-Sushrut due to disclosure of sensitive information and hardcoded AES encryption keys in client-side JavaScript. An unauthenticated remote attacker could exploit this vulnerability by accessing the client-side code to extract sensitive information and cryptographic keys. Successful exploitation of this vulnerability could lead to exposure of sensitive data and compromise of cryptographic protections on the targeted system.
CVSS Information
N/A
Vulnerability Type
使用硬编码的密码学密钥
Vulnerability Title
CDAC e-Sushrut 安全漏洞
Vulnerability Description
CDAC e-Sushrut是印度CDAC公司的一个提供医院信息管理与医疗业务流程支持的系统平台。 CDAC e-Sushrut存在安全漏洞,该漏洞源于客户端JavaScript中泄露敏感信息和硬编码AES加密密钥,可能导致未经身份验证的远程攻击者通过访问客户端代码提取敏感信息和加密密钥,导致敏感数据暴露和加密保护受损。
CVSS Information
N/A
Vulnerability Type
N/A