services / Azure / Static Site build
A deployed build/environment (e.g. production or preview staging) of an Azure Static Web App that serves the site's static content and managed functions.
A build represents a deployed version/environment serving public content and backing functions.
Microsoft.Web/staticSites/builds/showDatabaseConnections/action
Returns database connection details including connection strings/credentials for the build's linked databases, enabling secret exfiltration and lateral access to the backing data store.
Risks
Scope: CRITICAL
This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or its exploit could lead to significant privilege escalation.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog