services / Azure / Connector Gateway connections
A Connector Gateway connection is a Microsoft.Web integration resource representing a credentialed link to a backend/on-premises data source used by Logic Apps/Power Platform connectors.
Connections broker stored backend credentials/auth configuration; controlling them can enable access to the backend targets they point to.
Microsoft.Web/connectorGateways/connections/write
Create/update lets an attacker set or repoint the stored backend credential/auth configuration, planting an attacker-controlled credentialed link (persistence) and pivoting into the backend the connection targets (lateral) while altering integration config.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security