Impact
In Unity Catalog versions 0.4.0 and earlier, the token exchange endpoint (/api/1.0/unity-control/auth/tokens) reads the issuer (iss) claim from the incoming JWT and uses that value to dynamically locate the corresponding JWKS endpoint for signature validation, but it never checks that the issuer is a trusted identity provider. Because the iss claim is read from the still-unverified token, an attacker who controls an issuer also controls the key set the server fetches from it, so a JWT signed with the attacker's own key passes the signature check. The attacker can therefore mint a token with arbitrary claims and impersonate any user in the system. The vulnerability is classified under CWE-1390 (Weak Authentication), CWE-290 (Authentication Bypass by Spoofing), and CWE-346 (Origin Validation Error).
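The flawed flow and the missing check, as an added example written for this page (not Unity Catalog's own code, which is Java): the verifier takes iss from the unverified payload, looks up that issuer's JWKS, and verifies an RS256 signature against it. With the allowlist disabled the attacker's self-issued token verifies, because the key it is checked against is the attacker's; with the allowlist enabled it is rejected before any key lookup. The issuer URLs, kid values, and the in-memory stand-in for the network JWKS fetch are assumptions made so the example runs offline.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// jwksByIssuer models the fetch of <iss>/.well-known/jwks.json as an offline kid -> key
// lookup (assumption). Keyed by whatever issuer the token names, so the token picks its key set.
var jwksByIssuer = map[string]map[string]*rsa.PublicKey{}

// trustedIssuers is the allowlist the vulnerable path never consults (assumed value).
var trustedIssuers = map[string]bool{"https://idp.example.com": true}

func b64(b []byte) string { return base64.RawURLEncoding.EncodeToString(b) }

// newIssuer generates a key pair for iss and publishes it under kid (demo fixture).
func newIssuer(iss, kid string) *rsa.PrivateKey {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	jwksByIssuer[iss] = map[string]*rsa.PublicKey{kid: &key.PublicKey}
	return key
}

// signRS256 mints a compact RS256 JWT: b64url(header).b64url(payload).b64url(sig).
func signRS256(priv *rsa.PrivateKey, kid, iss, sub string) string {
	hdr, _ := json.Marshal(map[string]string{"alg": "RS256", "typ": "JWT", "kid": kid})
	body, _ := json.Marshal(map[string]string{"iss": iss, "sub": sub})
	input := b64(hdr) + "." + b64(body)
	h := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, h[:])
	if err != nil {
		panic(err) // demo fixture; a real signer would return the error
	}
	return input + "." + b64(sig)
}

// verifyToken follows the flawed flow: read iss from the still-unverified payload,
// use it to locate a JWKS, then check the signature against that key set.
// checkIssuer=false is the vulnerable behaviour; true adds the missing allowlist.
func verifyToken(token string, checkIssuer bool) (map[string]string, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	rawHdr, err1 := base64.RawURLEncoding.DecodeString(parts[0])
	rawBody, err2 := base64.RawURLEncoding.DecodeString(parts[1])
	sig, err3 := base64.RawURLEncoding.DecodeString(parts[2])
	if err1 != nil || err2 != nil || err3 != nil {
		return nil, errors.New("bad base64url segment")
	}
	var hdr struct{ Alg, Kid string }
	var claims map[string]string
	if json.Unmarshal(rawHdr, &hdr) != nil || json.Unmarshal(rawBody, &claims) != nil {
		return nil, errors.New("bad JSON segment")
	}
	if hdr.Alg != "RS256" {
		return nil, errors.New("unsupported alg")
	}
	iss := claims["iss"]
	if checkIssuer && !trustedIssuers[iss] {
		return nil, fmt.Errorf("untrusted issuer %q", iss) // the check 0.4.0 lacks
	}
	pub, ok := jwksByIssuer[iss][hdr.Kid] // JWKS selected by the token's own iss
	if !ok {
		return nil, fmt.Errorf("no key %q for issuer %q", hdr.Kid, iss)
	}
	h := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], sig); err != nil {
		return nil, errors.New("bad signature")
	}
	return claims, nil
}

// Scenario mints a sub=admin token from a trusted IdP and from an attacker-run
// issuer (both URLs assumed) and reports which verifier path accepts which.
func Scenario() (legitOK, forgedVulnerable, forgedHardened bool) {
	idpKey := newIssuer("https://idp.example.com", "idp-1")
	evilKey := newIssuer("https://attacker.example.net", "evil-1")
	legit := signRS256(idpKey, "idp-1", "https://idp.example.com", "admin")
	forged := signRS256(evilKey, "evil-1", "https://attacker.example.net", "admin")
	_, e1 := verifyToken(legit, true)
	_, e2 := verifyToken(forged, false) // attacker's own key verifies the forgery
	_, e3 := verifyToken(forged, true)  // rejected before any key lookup
	return e1 == nil, e2 == nil, e3 == nil
}

func main() {
	fmt.Println(Scenario()) // true true false
}
```

The order of the checks is the point: the allowlist test runs on the raw iss value before any JWKS is fetched, so an untrusted issuer never gets to supply key material. Pinning the JWKS URL per trusted issuer, rather than deriving it from the token, is the equivalent fix in a real verifier.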
Affected Systems
The vulnerability affects the Unity Catalog product from the vendor unitycatalog, in version 0.4.0 and all earlier releases. The affected CPE string is cpe:2.3:a:unitycatalog:unitycatalog:*:*:*:*:data:*:*:*; its version field is a wildcard, so matching against it must apply the 0.4.0-and-earlier bound stated here, and the sw_edition field reads data, identifying the data and AI catalog platform.
Risk and Exploitability
The CVSS score of 9.1 places this in the critical severity range. The EPSS score of less than 1% indicates that the estimated likelihood of exploitation in the wild is currently low, and the vulnerability is not listed in the CISA KEV catalog. The CVSS vector is not given on this page, but the mechanism implies a network attack: the attacker needs reachability to the token exchange endpoint and an issuer of their own from which the server will fetch a JWKS, and no valid credentials, since the forged token is the credential. A deployment whose server cannot make outbound requests to arbitrary hosts raises the bar for exploitation but is not a fix; upgrading past 0.4.0 is. Successful exploitation permits full user impersonation, compromising the confidentiality and integrity, and potentially the availability, of data services within the affected Unity Catalog deployment.
OpenCVE Enrichment