CVE-2026-2377: Server-Side Request Forgery (SSRF) in Red Hat Red Hat Quay 3.16
A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by providing a specially crafted web address (URL). This allows the application's backend to make arbitrary requests to internal network resources, a vulnerability known as Server-Side Request Forgery (SSRF). This could lead to unauthorized access to sensitive information or other internal systems.
AI Analysis
Technical Summary
A Server-Side Request Forgery (SSRF) vulnerability (CVE-2026-2377) exists in Red Hat Quay 3.16's mirror-registry component. Authenticated users can exploit the log export feature by providing a specially crafted URL, causing the backend to make arbitrary HTTP requests to internal network resources. This could lead to unauthorized access to sensitive information within the internal network. The vulnerability has a CVSS v3.1 base score of 6.5 (medium severity) with network attack vector, low attack complexity, and requiring privileges but no user interaction. Red Hat has published an advisory and released Red Hat Quay 3.16.4 which includes fixes for this issue. The product is not a cloud service, so remediation requires applying the update. No exploits in the wild are currently known.
Potential Impact
Successful exploitation allows an authenticated user to cause the backend of Red Hat Quay 3.16 to make arbitrary requests to internal network resources, potentially exposing sensitive internal information. The impact is limited to confidentiality as per the CVSS vector (C:H/I:N/A:N). There is no indication of integrity or availability impact. No known active exploitation has been reported.
Mitigation Recommendations
Red Hat has released Red Hat Quay 3.16.4 which includes a fix for CVE-2026-2377. Users should apply this update after ensuring all previously released errata relevant to their system have been applied. The vendor advisory (https://access.redhat.com/errata/RHSA-2026:19375) provides detailed update instructions. Since this is not a cloud service, remediation requires manual patching by the user. No additional mitigations or workarounds are specified in the advisory.
CVE-2026-2377: Server-Side Request Forgery (SSRF) in Red Hat Red Hat Quay 3.16
Description
A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by providing a specially crafted web address (URL). This allows the application's backend to make arbitrary requests to internal network resources, a vulnerability known as Server-Side Request Forgery (SSRF). This could lead to unauthorized access to sensitive information or other internal systems.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
A Server-Side Request Forgery (SSRF) vulnerability (CVE-2026-2377) exists in Red Hat Quay 3.16's mirror-registry component. Authenticated users can exploit the log export feature by providing a specially crafted URL, causing the backend to make arbitrary HTTP requests to internal network resources. This could lead to unauthorized access to sensitive information within the internal network. The vulnerability has a CVSS v3.1 base score of 6.5 (medium severity) with network attack vector, low attack complexity, and requiring privileges but no user interaction. Red Hat has published an advisory and released Red Hat Quay 3.16.4 which includes fixes for this issue. The product is not a cloud service, so remediation requires applying the update. No exploits in the wild are currently known.
Potential Impact
Successful exploitation allows an authenticated user to cause the backend of Red Hat Quay 3.16 to make arbitrary requests to internal network resources, potentially exposing sensitive internal information. The impact is limited to confidentiality as per the CVSS vector (C:H/I:N/A:N). There is no indication of integrity or availability impact. No known active exploitation has been reported.
Mitigation Recommendations
Red Hat has released Red Hat Quay 3.16.4 which includes a fix for CVE-2026-2377. Users should apply this update after ensuring all previously released errata relevant to their system have been applied. The vendor advisory (https://access.redhat.com/errata/RHSA-2026:19375) provides detailed update instructions. Since this is not a cloud service, remediation requires manual patching by the user. No additional mitigations or workarounds are specified in the advisory.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-02-11T20:57:59.704Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-2377","vendor":"Red Hat"}]
Threat ID: 69d6aa921cc7ad14daa3e922
Added to database: 4/8/2026, 7:20:50 PM
Last enriched: 5/20/2026, 6:16:16 PM
Last updated: 5/23/2026, 3:12:33 PM
Views: 92
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.