CVE-2026-27478
Unity Catalog · Unity Catalog
Unity Catalog 0.4.0 and earlier contains a critical authentication bypass in the token exchange endpoint due to improper validation of the issuer claim in incoming JSON Web Tokens (JWTs).
Executive summary
Unity Catalog versions 0.4.0 and earlier are subject to a critical authentication bypass that allows attackers to spoof identities by supplying a JWT whose issuer claim points to an identity provider under their control.
Vulnerability
The vulnerability resides in the /api/1.0/unity-control/auth/tokens endpoint, which extracts the "iss" (issuer) claim from incoming JWTs without first checking it against a set of trusted identity providers. An attacker can supply a malicious issuer URL, causing the server to fetch a JWKS from an attacker-controlled host and then "validate" the token's signature against keys the attacker chose.
Business impact
This flaw facilitates a complete authentication bypass, allowing unauthorized users to access data and AI assets managed within the Unity Catalog. Given the CVSS score of 9.1, the impact is severe, potentially leading to the exposure of proprietary machine learning models and sensitive organizational datasets.
Remediation
Immediate Action: Update Unity Catalog to the latest available version (post-0.4.0) that enforces a whitelist of trusted identity providers.
Proactive Monitoring: Audit authentication logs for unusual token exchange requests and monitor outbound network traffic for requests to unknown or suspicious domains originating from the Unity Catalog server.
Compensating Controls: Implement network-level egress filtering to prevent the Unity Catalog server from connecting to untrusted external JWKS endpoints or use a dedicated identity proxy.
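The control the remediation describes, consulting a fixed set of trusted identity providers before any signing-key lookup, shown as an added Python illustration that is not Unity Catalog's own code (the project is written in Java); the issuer URLs, JWKS paths and tokens below are constructed for the example.

```python
import base64
import json

# Constructed example of an operator-configured allowlist: issuer -> JWKS URL.
# Hypothetical values, not Unity Catalog's configuration format.
TRUSTED_ISSUERS = {
    "https://login.example.com/realms/data-platform":
        "https://login.example.com/realms/data-platform/protocol/openid-connect/certs",
}


def _b64url_decode(segment: str) -> bytes:
    segment += "=" * (-len(segment) % 4)  # restore stripped padding
    return base64.urlsafe_b64decode(segment)


def unverified_claims(token: str) -> dict:
    """Read the JWT payload WITHOUT checking the signature.
    Nothing returned here is trustworthy until the signature is verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed JWT")
    return json.loads(_b64url_decode(parts[1]))


def jwks_url_for(token: str) -> str:
    """Return the JWKS URL to verify `token` against, or raise.
    The issuer claim only selects among preconfigured providers; it is never
    used to build a URL, so an attacker-supplied 'iss' cannot redirect key
    fetching to a host the attacker controls."""
    iss = unverified_claims(token).get("iss")
    if not isinstance(iss, str):
        raise PermissionError("token has no issuer claim")
    jwks = TRUSTED_ISSUERS.get(iss.rstrip("/"))  # exact match, trailing slash tolerated
    if jwks is None:
        raise PermissionError(f"untrusted issuer rejected: {iss!r}")
    return jwks


def issuer_allowed(token: str) -> bool:
    """Convenience predicate: True only if the token's issuer is on the allowlist."""
    try:
        jwks_url_for(token)
        return True
    except (PermissionError, ValueError):
        return False


def make_token(claims: dict) -> str:
    """Build an unsigned JWT for testing (constructed input, bogus signature)."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.sig"
```

The check must run before any outbound request, which also makes the egress filtering above a backstop rather than the primary control.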
Exploitation status
Public Exploit Available: false
Analyst recommendation
The reliance on untrusted issuer claims for signature verification fundamentally breaks the security model of the Unity Catalog. Organizations using this software for data governance must apply the vendor-provided patches immediately to prevent unauthorized access to critical AI infrastructure.