This problem affects the following products:
- All versions of HealthShare® products
Requirements:
- A HealthShare SAML Service Provider (SP) configuration
A medium severity security issue has been found in HealthShare Unified Care Record and the HealthShare suite of products when the environment has HealthShare configured as a SAML Service Provider.
The CVSS base score is 5 and the vector is:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C/CR:H/IR:L/AR:L/MAV:N/MAC:H/MPR:L/MUI:N/MS:U/MC:H/MI:L/MA:L
The correction for this defect is identified as HSIEO-3983, which is included in HealthShare 2025.1 and all future product releases. It is also available for older versions via ad hoc change file (patch) or full kit distribution by contacting the Worldwide Response Center (WRC).