ratify up to 1.2.2/1.3.1 ACR Endpoint improper authentication

Summaryinfo

A vulnerability identified as critical has been detected in ratify up to 1.2.2/1.3.1. The impacted element is an unknown function of the component ACR Endpoint. The manipulation leads to improper authentication. This vulnerability is listed as CVE-2025-27403. The attack may be initiated remotely. There is no available exploit. You should upgrade the affected component.

Detailsinfo

A vulnerability was found in ratify up to 1.2.2/1.3.1 and classified as critical. This issue affects some unknown functionality of the component ACR Endpoint. The manipulation with an unknown input leads to a improper authentication vulnerability. Using CWE to declare the problem leads to CWE-287. When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. Impacted is confidentiality, integrity, and availability. The summary by CVE is:

Ratify is a verification engine as a binary executable and on Kubernetes which enables verification of artifact security metadata and admits for deployment only those that comply with policies the user creates. In a Kubernetes environment, Ratify can be configured to authenticate to a private Azure Container Registry (ACR). The Azure workload identity and Azure managed identity authentication providers are configured in this setup. Users that configure a private ACR to be used with the Azure authentication providers may be impacted by a vulnerability that exists in versions prior to 1.2.3 and 1.3.2. Both Azure authentication providers attempt to exchange an Entra ID (EID) token for an ACR refresh token. However, Ratify’s Azure authentication providers did not verify that the target registry is an ACR. This could have led to the EID token being presented to a non-ACR registry during token exchange. EID tokens with ACR access can potentially be extracted and abused if a user workload contains an image reference to a malicious registry. As of versions 1.2.3 and 1.3.2, the Azure workload identity and Azure managed identity authentication providers are updated to add new validation prior to EID token exchange. Validation relies upon registry domain validation against a pre-configured list of well-known ACR endpoints. EID token exchange will be executed only if at least one of the configured well-known domain suffixes (wildcard support included) matches the registry domain of the image reference.

The advisory is shared at github.com. The identification of this vulnerability is CVE-2025-27403 since 02/24/2025. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Neither technical details nor an exploit are publicly available.

Upgrading to version 1.2.3 or 1.3.2 eliminates this vulnerability.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Name

• ratify

Version

• 1.2.0
• 1.2.1
• 1.2.2
• 1.3.0
• 1.3.1

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Discussion