CVE-2017-1552

Name of the Vulnerable Software and Affected Versions IBM Infosphere BigInsights versions 4.2.0 through 4.2.5

Description The issue allows a remote attacker to conduct various attacks against the vulnerable system by persuading a victim to click on a specially-crafted URL link. This can lead to cross-site scripting, cache poisoning, or session hijacking.

Recommendations For IBM Infosphere BigInsights versions 4.2.0 through 4.2.5, update to a version that is not affected by this issue to prevent link injection attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.