Azure SQL Sync Member
An Azure SQL Data Sync member is a database registered in a sync group that participates in bidirectional data synchronization, defined by its server/database identifiers and connection configuration.
Sync members are a supporting data-replication feature; their configuration describes which databases exchange data.
Microsoft.Sql/servers/databases/syncGroups/syncMembers/write
Creating or updating a sync member can point replication at an attacker-controlled database. This both manipulates the sync configuration and data flow and pulls production data out through the sync channel.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog