CVE-2022-4975
Published: 27 January 2025
Summary
CVE-2022-4975 is a high-severity Cross-site Scripting (CWE-79) vulnerability. Its CVSS base score is 8.9 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Browser Session Hijacking (T1185). The CVE ranks at the 45.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).
Deeper analysis
CVE-2022-4975 is a cross-site scripting (XSS) vulnerability, classified under CWE-79, in the Red Hat Advanced Cluster Security (RHACS) portal. The flaw occurs when rendering table views in the portal, such as on /main/configmanagement/* endpoints, where the front-end generates a DOM table element with id="pdf-table" and populates it using innerHTML with unsanitized data. This allows an attacker with some control over the rendered data to inject and execute malicious scripts in the context of the user's browser.
The vulnerability has a CVSS v3.1 base score of 8.9 (AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L): it is exploitable over the network with low attack complexity by an attacker holding low privileges, but it requires user interaction. A successful attack changes scope (S:C), meaning the impact reaches beyond the vulnerable component, and results in high confidentiality and integrity impact with low availability impact. In practice this can allow the attacker to steal session cookies or sensitive data, or to perform unauthorized actions in the victim's session.
Mitigation details and patches are documented in the Red Hat security advisory at https://access.redhat.com/security/cve/CVE-2022-4975 and the related Bugzilla entry at https://bugzilla.redhat.com/show_bug.cgi?id=2071527. Security practitioners should consult these resources for update instructions and workarounds specific to RHACS deployments.
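The innerHTML pattern described above, placed beside two hardened renderers and a small regression check, as an added example that is not RHACS code; the row data, the sample payload, the function names and the id="pdf-table" table shape are constructed/assumed:

```javascript
// Added illustration, not RHACS code: the advisory's unsafe innerHTML pattern beside
// two hardened renderers. Rows, payload and function names are constructed/assumed.
const ROWS = [
  { name: "config-a", namespace: "default" },
  { name: '<img src="x" onerror="alert(1)">', namespace: "kube-system" }, // constructed
];
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;").replace(/'/g, "&#39;");
}

// Vulnerable pattern: values are interpolated unchanged, so a value containing
// tags becomes live DOM once the string is assigned to element.innerHTML.
function renderUnsafe(rows) {
  const body = rows.map((r) => `<tr><td>${r.name}</td><td>${r.namespace}</td></tr>`);
  return `<table id="pdf-table">${body.join("")}</table>`;
}

// Hardened string variant: entity-encode every value before interpolation.
function renderEscaped(rows) {
  const body = rows.map(
    (r) => `<tr><td>${escapeHtml(r.name)}</td><td>${escapeHtml(r.namespace)}</td></tr>`,
  );
  return `<table id="pdf-table">${body.join("")}</table>`;
}

// Preferred fix in browser code: build the table with DOM APIs and textContent and
// never assign innerHTML. `doc` is a Document (needs a real browser DOM to run).
function renderWithDom(doc, rows) {
  const table = doc.createElement("table");
  table.id = "pdf-table";
  for (const r of rows) {
    const tr = table.insertRow();
    tr.insertCell().textContent = r.name; // text node, never parsed as markup
    tr.insertCell().textContent = r.namespace;
  }
  return table;
}
// Regression check for a renderer: any tag name outside the expected table markup
// means untrusted content reached the markup unencoded.
const EXPECTED_TAGS = new Set(["table", "thead", "tbody", "tr", "th", "td"]);
function unexpectedTags(html) {
  const found = [];
  for (const m of html.matchAll(/<\/?([a-zA-Z][\w-]*)/g)) {
    if (!EXPECTED_TAGS.has(m[1].toLowerCase())) found.push(m[1].toLowerCase());
  }
  return found;
}
```

Running unexpectedTags over the output of a renderer in a unit test catches a regression back to the unsafe pattern without needing a browser.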
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-53921
Vulnerability details
A flaw was found in the Red Hat Advanced Cluster Security (RHACS) portal. When rendering a table view in the portal, for example, on any of the /main/configmanagement/* endpoints, the front-end generates a DOM table-element (id="pdf-table"). This information is then populated with unsanitized data using innerHTML. An attacker with some control over the data rendered can trigger a cross-site scripting (XSS) vulnerability.
CWE(s)
- CWE-79 (Cross-site Scripting)
Related Threats
MITRE ATT&CK Enterprise Techniques
- Browser Session Hijacking (T1185)
Why these techniques?
XSS in RHACS portal directly enables browser session hijacking and theft of web session cookies via script execution in victim context.
Mitigating Controls (NIST 800-53 r5)
- Directly prevents XSS by filtering unsanitized data before it is rendered into the DOM table element using innerHTML.
- Validates controlled data inputs to the RHACS portal endpoints before rendering, blocking malicious scripts from being accepted.
- Enforces restrictions on data inputs to configmanagement endpoints, preventing invalid or malicious content that could trigger XSS.