services / Azure / Web App slot connection string
Connection strings of an Azure App Service deployment slot that embed credentials for backing databases and storage services.
Connection strings by definition contain database/storage credentials returned in cleartext; credential material.
Microsoft.Web/Sites/slots/config/web/connectionstrings/delete
Deleting a slot's connection string removes its data-store binding, breaking the slot's data access and disrupting the service.
Risks
Scope: CRITICAL
This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or its exploit could lead to significant privilege escalation.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog