Azure CLI was vulnerable to a registry server confusion attack in it’s Azure Container Registry (ACR) module. If an attacker controls the value of the registry name, they can leak the token of the principal, scoped to the ARM API at https://management.azure.com/, effectively giving access to all Azure resources that the principal has access to. This was fixed in version azure-cli-2.54.0 in November 2023, so most users and CI/CDs have long since been updated past this.