Skip to content
Effectuez une recherche pour en savoir plus sur les produits et solutions InterSystems, les offres d'emploi, etc.

Advisory: Incorrect Login Behavior using HealthShare as a SAML Service Provider

December 3, 2020 – Advisory: Incorrect Login Behavior using HealthShare as a SAML Service Provider

InterSystems has corrected a defect affecting the use of HealthShare as a SAML Service Provider when Single Sign-On (SSO) is also enabled.

This problem exists for:

  • HealthShare Unified Care Record 2019.1.x, 2019.2.x, and 2020.1.x

Any user using the Management Portal UI to configure HealthShare as a SAML Service Provider may experience an issue in which they are able to gain access to HealthShare as a different user than they expect to when using Single Sign-On (SSO) to access HealthShare from a third-party application such as an EHR.

The impact is that the user may be able to access HealthShare resources that they would otherwise be restricted from.  In addition, they may be restricted from resources they would otherwise be granted.

Customers using HealthShare as a SAML Service Provider should disable SSO until they receive and apply the fix to their system.

The correction for this defect is identified as HSIEO-3029, is fixed in Unified Care Record 2020.2 and will be included in all future product releases. It is also available via Ad hoc change file (patch) or full kit distribution from the Worldwide Response Center (WRC).

If you have any questions regarding this advisory, please contact the WRC.

RELATED TOPICS

Latest Alerts & Advisories

15 Aug 2024
InterSystems has corrected a defect that can cause database corruption or errors with multi-volume databases under extremely rare circumstances. Only databases that have been truncated are at risk.
24 Jul 2024
There are four alerts in the HS2024-03 Alert Communication. A summary of each alert is shown below. Details for each alert are contained in the linked document.
24 Jun 2024
Broadcom recently announced a problem that can cause data consistency errors in database applications. The Broadcom article is available here:
30 May 2024
Beginning with the release of InterSystems IRIS® data platform 2022.3, InterSystems corrected the license enforcement mechanism to include REST and SOAP requests. Due to this change, environments with non-core-based licenses that use REST or SOAP may experience greater license utilization after upgrading. To determine if this advisory applies to your InterSystems license, follow the instructions in the FAQ linked below.
01 May 2024
InterSystems has corrected an issue that can cause a small number of SQL queries to return incorrect results. See below for the specifics on impacted queries.
08 Apr 2024
InterSystems has encountered a defect that causes some upgrades of HealthShare® Health Connect to fail. This only affects instances that are not licensed for the use of FHIR® and that have interoperability-enabled namespaces. Under these conditions, the upgrade fails with an error.
19 Mar 2024
In evaluating an IBM Support notification, InterSystems has determined a potential impact for our customers. The notification in question is:
27 Feb 2024
There is 1 alert in the HealthShare HS2024-limited Alert communication. An alert summary for the issue is shown is in the table below. Details for the alert are contained in the attached document: HS2024 Limited Communication.
01 Feb 2024
There are 2 alerts in the HealthShare HS2024-02 Alert communication. An alert summary for each issue is shown is in the table below. Details for each alert are contained in the attached document: HS2024-02-Communication.

Passez à l'étape suivante

Nous serions ravis d'échanger avec vous. Remplissez les champs suivants et nous vous recontacterons.
*Champs obligatoires
Veuillez remplir tous les champs obligatoires*
*Champs obligatoires
Veuillez remplir tous les champs obligatoires*
** En cochant cette case, vous consentez à recevoir des actualités, des mises à jour et toute autre information à objectif marketing liés aux produits et événements actuels et futurs d'InterSystems. En outre, vous consentez à ce que vos coordonnées professionnelles soient saisies dans notre solution CRM hébergée aux États-Unis, mais conservées conformément aux lois applicables en matière de protection des données.