services / Azure / Connector Gateway connections
A Connector Gateway connection is a Microsoft.Web integration resource representing a credentialed link to a backend/on-premises data source used by Logic Apps/Power Platform connectors.
Connections broker stored backend credentials/auth configuration; controlling them can enable access to the backend targets they point to.
Microsoft.Web/connectorGateways/connections/action
A discrete action on a credential-bearing connection can exercise or alter the connection's stored backend identity, letting an attacker invoke the connection to reach the backend (lateral) and change its operational state.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security