Server-Side Request Forgery Vulnerability in Mirror Registry by Red Hat
CVE-2026-2377

6.5MEDIUM

What is CVE-2026-2377?

A vulnerability exists in Mirror Registry that allows authenticated users to exploit the log export feature by supplying a specially crafted URL. This flaw can lead to unauthorized backend requests, potentially compromising sensitive internal systems and exposing critical data. Protect your infrastructure from potential SSRF attacks by staying informed about this issue.

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.