How the CVE Works:
In a Kubernetes environment, Ratify is used to authenticate to a private Azure Container Registry (ACR) using Azure workload identity and Azure managed identity authentication providers. The vulnerability arises because Ratify’s Azure authentication providers did not validate whether the target registry is an ACR before exchanging an Entra ID (EID) token for an ACR refresh token. This lack of validation allows the EID token to be presented to a non-ACR registry during the token exchange process. If a user workload references a malicious registry, the EID token with ACR access could be extracted and abused, leading to unauthorized access to private container images.
The issue is mitigated by updating the Azure authentication providers to include validation against a pre-configured list of well-known ACR endpoints. Token exchange now occurs only if the registry domain matches one of the configured ACR domain suffixes, including wildcard support.
DailyCVE Form:
Platform: Kubernetes
Version: Ratify (pre-patch)
Vulnerability: Authentication Bypass
Severity: Critical
Date: 2023-XX-XX
What Undercode Say:
Exploitation:
- Exploit Scenario: An attacker sets up a malicious container registry and tricks a Kubernetes workload into referencing it. Ratify, lacking proper validation, exchanges the EID token with the malicious registry, allowing the attacker to capture the token and gain access to private ACR resources.
2. Proof of Concept (PoC):
Simulate malicious registry setup docker run -d -p 5000:5000 --name malicious-registry registry:2 Reference malicious registry in Kubernetes workload kubectl apply -f malicious-pod.yaml
Example `malicious-pod.yaml`:
apiVersion: v1 kind: Pod metadata: name: malicious-pod spec: containers: - name: malicious-container image: localhost:5000/malicious-image
Protection:
- Patch Application: Update Ratify to the latest version that includes the validation fix.
helm upgrade ratify ratify/ratify --version <patched-version>
- Registry Validation: Ensure all ACR endpoints are validated against the pre-configured list of well-known ACR domains.
Example Ratify configuration with ACR validation authProviders: azure: allowedACRDomains:</li> </ol> - ".azurecr.io" - "myregistry.azurecr.io"
3. Network Policies: Restrict Kubernetes workloads to communicate only with trusted registries using network policies.
apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: allow-trusted-registries spec: podSelector: {} egress: - to: - ipBlock: cidr: 192.168.1.0/24 ports: - protocol: TCP port: 4434. Monitoring: Implement logging and monitoring to detect unauthorized registry access attempts.
kubectl logs -l app=ratify --tail=50
Additional Analytics:
- Affected Versions: Ratify versions prior to the patch.
- Attack Vector: Exploitation requires a malicious registry and a misconfigured workload.
- Mitigation Complexity: Low (patch application and configuration update).
- Risk Score: 9.5/10 (CVSS v3.1).
References:
References:
Reported By: https://github.com/advisories/GHSA-44f7-5fj5-h4px
Extra Source Hub:
UndercodeJoin Our Cyber World:
