There are 10 alerts in the HealthShare HS2023-02 Alert communication. An alert summary for each issue is shown is in the table below. Details for each alert are contained in the attached document: HS2023-02-Communication.
| Alert | Product & Versions Affected | Risk Category |
| HS2023-02-01: Security Vulnerability on Patient Index UI Page | • Patient Index - All versions prior to 2023.2 | Security: 4 - High Risk |
| HS2023-02-02: Security Vulnerability on Unified Care Record and Clinical Viewer UI Pages | Unified Care Record Clinical Viewer | Security Risk 3 – Medium Risk |
| HS2023-02-03: Security Vulnerability for IRIS for Health and Health Connect FHIR | InterSystems IRIS for Health HealthShare Health Connect | Security: 3 – Medium Risk |
| HS2023-02-04: HealthShare User Interface Session Fixation Vulnerability | HealthShare Solutions products: Unified Care Record, Information Exchange, Clinical Viewer, Provider Directory, Care Community, and Personal Community InterSystems IRIS for Health and HealthShare Health Connect | Security: 3 – Medium Risk |
| HS2023-02-05: HealthShare Mirror Monitor Agent May Perform Undesirable Configuration Steps after Upgrade | HealthShare Solutions products: Unified Care Record, Patient Index, Provider Directory, Health Insight, Care Community InterSystems IRIS for Health and HealthShare Health Connect | Operational: 5 – Very High Risk |
| HS2023-02-06: Possible HealthShare System Downtime Due to Instance Resource Exhaustion | Unified Care Record (Information Exchange) - All versions prior to 2023.1.1 | Operational: 5 – Very High Risk |
| HS2023-02-07: Health Insight Setup Step Restarts the Registry Production, Causing Downtime | Health Insight: - 2022.2, 2023.1, 2023.1.1 | Operational: 4 - High Risk |
| HS2023-02-08: Incorrect SQL Query Results When Runtime Plan Choice (RTPC) Is Enabled | HealthShare Solutions products: Unified Care Record, Patient Index, Provider Directory, Health Insight, Care Community, Healthcare Action Engine Personal Community InterSystems IRIS for Health and HealthShare Health Connect | Operational: 4 - High Risk |
| HS2023-02-09: ODS Purge Logic is Inverted | Unified Care Record - All versions prior to 2023.2 | Operational: 3 – Medium Risk |
| HS2023-02-10: Do Not Use Version Number to Determine How Long to Preserve a FHIR Resource from Purge | Unified Care Record - All versions prior to 2022.2 | Operational: 3 – Medium Risk |
If you have any questions regarding this alert, please contact the
Worldwide Response Center (WRC).