CVE-2026-2377: Server-Side Request Forgery (SSRF) in Red Hat mirror registry for Red Hat OpenShift
CVE-2026-2377 is a Server-Side Request Forgery (SSRF) vulnerability in the mirror registry component of Red Hat OpenShift. Authenticated users can exploit the log export feature by submitting a crafted URL, causing the backend to make arbitrary requests to internal network resources. This vulnerability could allow unauthorized access to sensitive internal information. The CVSS score is 6. 5, indicating a medium severity level. There is no explicit vendor advisory content confirming a patch or mitigation status. No known exploits in the wild have been reported as of the publication date.
AI Analysis
Technical Summary
This vulnerability exists in the mirror registry for Red Hat OpenShift, where an authenticated user can abuse the log export feature by providing a specially crafted URL. This triggers the backend to perform arbitrary HTTP requests within the internal network, a classic SSRF scenario. The vulnerability could lead to unauthorized information disclosure from internal systems. The CVSS 3.1 vector indicates network attack vector, low attack complexity, requiring privileges but no user interaction, with high confidentiality impact and no integrity or availability impact.
Potential Impact
Successful exploitation allows an authenticated user to cause the backend server to make arbitrary requests to internal network resources, potentially exposing sensitive information from internal systems. There is no indication of integrity or availability impact. No known active exploitation has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-2377 for current remediation guidance. Since no official fix or temporary workaround is explicitly stated in the advisory content provided, users should monitor the vendor advisory for updates. Until a fix is available, restrict access to the log export feature to trusted users and networks if possible.
CVE-2026-2377: Server-Side Request Forgery (SSRF) in Red Hat mirror registry for Red Hat OpenShift
Description
CVE-2026-2377 is a Server-Side Request Forgery (SSRF) vulnerability in the mirror registry component of Red Hat OpenShift. Authenticated users can exploit the log export feature by submitting a crafted URL, causing the backend to make arbitrary requests to internal network resources. This vulnerability could allow unauthorized access to sensitive internal information. The CVSS score is 6. 5, indicating a medium severity level. There is no explicit vendor advisory content confirming a patch or mitigation status. No known exploits in the wild have been reported as of the publication date.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability exists in the mirror registry for Red Hat OpenShift, where an authenticated user can abuse the log export feature by providing a specially crafted URL. This triggers the backend to perform arbitrary HTTP requests within the internal network, a classic SSRF scenario. The vulnerability could lead to unauthorized information disclosure from internal systems. The CVSS 3.1 vector indicates network attack vector, low attack complexity, requiring privileges but no user interaction, with high confidentiality impact and no integrity or availability impact.
Potential Impact
Successful exploitation allows an authenticated user to cause the backend server to make arbitrary requests to internal network resources, potentially exposing sensitive information from internal systems. There is no indication of integrity or availability impact. No known active exploitation has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-2377 for current remediation guidance. Since no official fix or temporary workaround is explicitly stated in the advisory content provided, users should monitor the vendor advisory for updates. Until a fix is available, restrict access to the log export feature to trusted users and networks if possible.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-02-11T20:57:59.704Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-2377","vendor":"Red Hat"}]
Threat ID: 69d6aa921cc7ad14daa3e922
Added to database: 4/8/2026, 7:20:50 PM
Last enriched: 4/8/2026, 7:35:52 PM
Last updated: 4/8/2026, 9:47:15 PM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.