Skip to content
Busque para obtener información sobre los productos y soluciones de InterSystems, las oportunidades de carrera y más.

Advisory: Apache Web Server provided with InterSystems kits – Vulnerability reports

November 19, 2021 - Advisory: Apache Web Server provided with InterSystems kits – Vulnerability reports

InterSystems kits include an Apache web server, which provides a convenient way for customers to interact with the Caché/IRIS Management Portal without needing to install an external web server; however, this web server should never be used for production instances, and customers must install a web server that fits their specific needs and security/risk requirements.

Recent tests have noted some security issues with the currently included Apache web server. Because this is a third-party technology that InterSystems does not control, InterSystems recommends installing a web server version directly obtained from Apache or another third party and disabling the included Apache web server. Our product documentation includes instructions on how to disable the web server provided with our kits. In addition, Apache also offers uninstall instructions that can be found on the Apache website.

InterSystems plans to include a more recent version of the Apache web server in upcoming releases. Similar to the current version, this version also cannot be used for production instances. In future releases of our products, InterSystems will not ship or install any web server; we will provide further updates with the specifics of our plans.

Latest Alerts & Advisories

Oct 07, 2025
Risk Category & Score Explicit Requirements DP-442892 InterSystems IRIS® data platform InterSystems IRIS® for Health HealthShare® Health Connect versions 2023.3.0, 2024.1.0 – 2024.1.3, 2024.2.0, 2024.3.0, and 2025.1.0 HealthShare® Unified Care Record versions 2024.2 and 2025.1 Wrong Results: High Risk Specific use of OUTER JOIN when the inner leg has an index on the join fields In InterSystems IRIS versions 2023.3.0, 2024.1.0 – 2024.1.3, 2024.2.0, 2024.3.0, and 2025.1.0, for queries that use an OUTER JOIN and where InterSystems IRIS performs parallel execution, the query may silently return wrong results.
Oct 07, 2025
Risk Category & Score Explicit Requirements HSHC-5268 HealthShare® Health Connect and InterSystems IRIS® for Health versions 2025.1.1 Functional: Medium Risk Occurs when performing SDA3 -> FHIR transformations involving the Encounter resource.
Oct 07, 2025
Risk Category & Score Explicit Requirements DP-443396 InterSystems IRIS® data platform InterSystems IRIS® for Health HealthShare® Health Connect versions 2024.1.0 – 2024.1.4, 2024.2.0, 2024.3.0, and 2025.1.0, and 2025.1.1 HealthShare® Unified Care Record versions 2024.2 and 2025.1 Wrong Results: Low Risk Using Common Table Expressions in Dynamic SQL
Sep 30, 2025
In InterSystems IRIS, InterSystems IRIS for Health, and HealthShare Health Connect, versions 2025.1.1 and 2025.2.0, the new “ Mirror Database Download” functionality does not include certain globals.
Sep 24, 2025
Risk Category & Score Explicit Requirements DP-444551 InterSystems IRIS® data platform InterSystems IRIS® for Health HealthShare® Health Connect versions 2025.1.0, 2025.1.1, and 2025.2
Sep 03, 2025
Risk Category & Score Explicit Requirements DP-442440 InterSystems IRIS ® data platform 2025.1.1.308.0 InterSystems IRIS for Health HealthShare® Health Connect Operational:
Jul 23, 2025
InterSystems IRIS 2025.2 introduces the IRISSECURITY database, the new home for security data. Unlike IRISSYS, the previous home for security data, IRISSECURITY can be encrypted, which secures your sensitive data at rest. In a future version, IRISSECURITY will be mirrorable.
Jul 23, 2025
InterSystems is pleased to announce the General Availability (GA) of the 2025.2 release of InterSystems IRIS® data platform. This is a Continuous Delivery (CD) release. Please note that the GA versions of InterSystems IRIS for Health™ and HealthShare® Health Connect™ 2025.2 are currently withheld due to mirroring limitations introduced by security updates (details below).
Jun 10, 2025
Advisory ID Product & Versions Affected Risk Category & Score Explicit Requirements DP-439649 Products:
May 20, 2025
This issue affects all versions of HealthShare®: