InterSystems Official
Mike Morrissey · Oct 16, 2020

October 15, 2020 - Alert: HS2020-08: HealthShare Alerts

Dear HealthShare Customer:

This post is part of the HealthShare HS2020-08 Alert communications process.  The same information is also distributed:

There are 2 alerts in the HealthShare HS2020-08 Alert communication, and outlined in the Alert Summary table below.  The detail is contained in the attached document: HealthShare HS2020-08.

These alerts do not affect HealthShare Health Connect or HSAP customers

Alert Product & Versions Affected Risk Category & Score
HS2020-08-01: Negation in CDA Documents is Ignored by HealthShare. Update to Alert HS2020-04-01 All versions of HealthShare Information Exchange and Unified Care Record. Varies based on data
HS2020-08-02: CSRF Vulnerability when using HealthShare as a SAML Service Provider for Single Sign-On from a Third-Party Application

InterSystems HealthShare® Unified Care Record 2019.1, 2019.2, and 2020.1

3-Medium Risk
(Security)

If you have any questions regarding this advisory, please contact the Worldwide Response Center (WRC) at support@InterSystems.com
or  +1.617.621.0700., and reference “HealthShare Alert HS2020-08”.

00
0 0 37 1