services / Azure / ACR task runs
ACR task runs (taskruns) are the execution records of quick tasks and tasks, which run containerized build and run steps on ACR-managed compute, frequently under the managed identity assigned to the registry or the task.
Taskruns execute attacker-definable workloads, and their full details can embed source and custom-registry login credentials.
Microsoft.ContainerRegistry/registries/taskruns/listDetails/action
listDetails returns the full run request, including embedded source and custom-registry login credentials, allowing an attacker to export reusable secret material and pivot into those registries/sources.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog