CVE-2022-4975
Published: 27 January 2025
Description
A flaw was found in the Red Hat Advanced Cluster Security (RHACS) portal. When rendering a table view in the portal, for example on any of the /main/configmanagement/* endpoints, the front-end generates a DOM table element (id="pdf-table"). This table is then populated with unsanitized data using innerHTML. An attacker with some control over the rendered data can trigger a cross-site scripting (XSS) vulnerability.
Security Summary
CVE-2022-4975 is a cross-site scripting (XSS) vulnerability, classified under CWE-79, in the Red Hat Advanced Cluster Security (RHACS) portal. The flaw occurs when rendering table views in the portal, such as on /main/configmanagement/* endpoints, where the front-end generates a DOM table element with id="pdf-table" and populates it using innerHTML with unsanitized data. This allows an attacker with some control over the rendered data to inject and execute malicious scripts in the context of the user's browser.
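The pattern described above, shown as an added example rather than RHACS code: a table renderer that inserts cell values straight into innerHTML-style markup, the hardened form that escapes them first, and a check a front-end test could run to catch regressions. The function names and the sample rows are hypothetical.

```javascript
// Added example, not RHACS code: the innerHTML rendering pattern behind
// CVE-2022-4975 next to a hardened form. Runs in Node without a DOM by producing
// the markup string that `el.innerHTML = ...` would parse. Names are hypothetical.

// Escape the characters that can open a tag or break out of an attribute.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Shared table builder; `cell` decides how each value enters the markup.
function renderTable(headers, rows, cell) {
  const row = (cells, tag) => '<tr>' + cells.map((c) => `<${tag}>${cell(c)}</${tag}>`).join('') + '</tr>';
  return `<table id="pdf-table">${row(headers, 'th')}${rows.map((r) => row(r, 'td')).join('')}</table>`;
}

// Vulnerable pattern: values are inserted exactly as received, so any tag in the
// data becomes part of the page once the string is assigned to innerHTML.
const renderTableUnsafe = (headers, rows) => renderTable(headers, rows, String);

// Hardened form: every value is escaped first, the string equivalent of building
// cells with createElement() and textContent.
const renderTableSafe = (headers, rows) => renderTable(headers, rows, escapeHtml);

// Regression check: the only tags in the output should be the ones the renderer
// itself emits; anything else came from the data.
function containsForeignMarkup(html) {
  const allowed = new Set(['table', 'tr', 'th', 'td']);
  const tagRe = /<\/?([a-zA-Z][a-zA-Z0-9]*)/g;
  let match;
  while ((match = tagRe.exec(html)) !== null) {
    if (!allowed.has(match[1].toLowerCase())) return true;
  }
  return false;
}

// Constructed sample rows: a config map whose name carries markup.
const sampleHeaders = ['Name', 'Namespace'];
const sampleRows = [
  ['app-config', 'default'],
  ['<i>odd-name</i>', 'kube-system'],
];

console.log(containsForeignMarkup(renderTableUnsafe(sampleHeaders, sampleRows))); // true
console.log(containsForeignMarkup(renderTableSafe(sampleHeaders, sampleRows))); // false
```

In a real browser fix the same effect is obtained by creating each cell with createElement() and assigning the value to textContent, so no HTML parsing of the data happens at all.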
The vulnerability has a CVSS v3.1 base score of 8.9 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L), indicating it is exploitable over the network with low complexity by an attacker possessing low privileges, though it requires user interaction. A successful attack changes scope and can result in high impacts to confidentiality and integrity, with low availability impact, potentially allowing the attacker to steal session cookies, sensitive data, or perform unauthorized actions in the victim's session.
Mitigation details and patches are documented in the Red Hat security advisory at https://access.redhat.com/security/cve/CVE-2022-4975 and the related Bugzilla entry at https://bugzilla.redhat.com/show_bug.cgi?id=2071527. Security practitioners should consult these resources for update instructions and workarounds specific to RHACS deployments.
Details
- CWE(s): CWE-79