October 15, 2020
This post is part of the HealthShare HS2020-08 Alert communications process. The same information is also distributed:
- By Email
- On the Developer Community
- On the WRC Distribution Page InterSystems Documents
There are 2 alerts in the HealthShare HS2020-08 Alert communication, and outlined in the Alert Summary table below. The detail is contained in the attached document: HealthShare HS2020-08
These alerts do not affect HealthShare Health Connect or HSAP customers
| Alert | Product & Versions Affected | Risk Category & Score |
| HS2020-08-01: Negation in CDA Documents is Ignored by HealthShare. Update to Alert HS2020-04-01 | All versions of HealthShare Information Exchange and Unified Care Record. | Varies based on data |
| HS2020-08-02: CSRF Vulnerability when using HealthShare as a SAML Service Provider for Single Sign-On from a Third-Party Application | InterSystems HealthShare® Unified Care Record 2019.1, 2019.2, and 2020.1 | 3-Medium Risk (Security) |
If you have any questions regarding this advisory, please contact the Worldwide Response Center (WRC).