services / Azure / Garnet cluster cached data
Microsoft Garnet is a high-performance, Redis-compatible cache/in-memory data store offered under Microsoft.DocumentDB. These data-plane operations execute Redis-style commands directly against the keyspace, reading, writing, or deleting the values stored in the cluster.
A production cache cluster typically holds operational data for a single organizational function (sessions, counters, cached query results), which can include sensitive content; it is a single-function production data store (HIGH).
Microsoft.DocumentDB/garnetClusters/acl/getset/write
GETSET atomically overwrites a key's value (manipulation) and returns its prior value (exfiltration).
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security