Azure API Management named values

Named values are key/value constants (some flagged secret or backed by Key Vault) referenced across all API configurations and policies in an API Management instance.

May hold or reference credentials and backend URLs; secret-flagged values are masked on GET and require the listValue action to reveal.


Microsoft.ApiManagement/service/namedValues/listValue/action

Returns the plaintext secret of a named value, which commonly stores backend credentials, keys, or connection strings used in policies, enabling credential exfiltration and lateral access to backends.

Risks

Scope: CRITICAL

This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or, if exploited, lead to significant privilege escalation.

Links

  • https://azure.permissions.cloud/iam/Microsoft.ApiManagement
  • https://learn.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations
  • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog