Skip to content
Effectuez une recherche pour en savoir plus sur les produits et solutions InterSystems, les offres d'emploi, etc.

Advisory: Security Vulnerability When Using HealthShare as a SAML Service Provider

This problem affects the following products:

  • All versions of HealthShare® products

Requirements:

  • A HealthShare SAML Service Provider (SP) configuration

A medium severity security issue has been found in HealthShare Unified Care Record and the HealthShare suite of products when the environment has HealthShare configured as a SAML Service Provider.

The CVSS base score is 5 and the vector is:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C/CR:H/IR:L/AR:L/MAV:N/MAC:H/MPR:L/MUI:N/MS:U/MC:H/MI:L/MA:L

The correction for this defect is identified as HSIEO-3983, which is included in HealthShare 2025.1 and all future product releases. It is also available for older versions via ad hoc change file (patch) or full kit distribution by contacting the Worldwide Response Center (WRC).

RELATED TOPICS

Latest Alerts & Advisories

23 juil. 2025
InterSystems IRIS 2025.2 introduces the IRISSECURITY database, the new home for security data. Unlike IRISSYS, the previous home for security data, IRISSECURITY can be encrypted, which secures your sensitive data at rest. In a future version, IRISSECURITY will be mirrorable.
23 juil. 2025
InterSystems is pleased to announce the General Availability (GA) of the 2025.2 release of InterSystems IRIS® data platform. This is a Continuous Delivery (CD) release. Please note that the GA versions of InterSystems IRIS for Health™ and HealthShare® Health Connect™ 2025.2 are currently withheld due to mirroring limitations introduced by security updates (details below).
10 juin 2025
Advisory ID Product & Versions Affected Risk Category & Score Explicit Requirements DP-439649 Products:
20 mai 2025
This problem affects the following products:

Passez à l'étape suivante

Nous serions ravis d'échanger avec vous. Remplissez les champs suivants et nous vous recontacterons.
*Champs obligatoires
Veuillez remplir tous les champs obligatoires*
*Champs obligatoires
Veuillez remplir tous les champs obligatoires*
** En cochant cette case, vous consentez à recevoir des actualités, des mises à jour et toute autre information à objectif marketing liés aux produits et événements actuels et futurs d'InterSystems. En outre, vous consentez à ce que vos coordonnées professionnelles soient saisies dans notre solution CRM hébergée aux États-Unis, mais conservées conformément aux lois applicables en matière de protection des données.