Description

Detects Azure Container Registries that have admin user authentication enabled. Using admin user credentials instead of Azure AD authentication creates security risks by bypassing Azure's identity-based access controls and potentially exposing admin credentials.

Detection Strategy

• Scans all Azure Container Registries in the subscription

• Reports a vulnerability if the 'admin_user_enabled' setting is set to true for any registry

• Flags each container registry where admin authentication is enabled as a separate security issue