InterSystems has addressed security vulnerabilities that impact applications using OAuth2 Client configurations on InterSystems IRIS, InterSystems IRIS for Health, HealthShare, HealthShare HealthConnect, TrakCare, Caché, and Ensemble. Remediation steps and additional guidance documentation are available from the InterSystems Worldwide Response Center (WRC).
Please reference “SVR2024B” when discussing this notice.
For assistance with remediation contact your Application Provider or InterSystems Worldwide Response Center.
Direct customers of InterSystems were initially informed about the vulnerabilities on November 20, 2024.