services / Azure / Garnet cluster sorted-set data
A data-plane sorted-set command surface on an Azure Managed Garnet (Redis-compatible) cache cluster, holding cached/operational key-value data for an application.
Production in-memory data store supporting a single organizational function; sorted-set entries may contain sensitive application data such as session, ranking, or queue state.
Microsoft.DocumentDB/garnetClusters/acl/zpopmin/delete
Removes the lowest-scored members and returns their values, both destroying and exfiltrating stored data.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog