services / Azure / Web Apps Slots Backup configuration
An Azure App Service deployment slot is a live, addressable instance of a web/function/Logic App hosting application code, configuration (app settings, connection strings), and an assigned managed identity. Slots can be swapped into the production endpoint.
Slots host a single organizational function's production or staging workload; their configuration and managed identity make them a pivot point for code execution and lateral movement.
Microsoft.Web/Sites/slots/backup/read
Verified against the REST API (config/backup/list): the BackupRequest response returns properties.storageAccountUrl (a SAS URL to the backup container) and properties.databases[].connectionString, so reading it exfiltrates usable credential material in addition to enumerating backup settings.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security