Azure Admin Privileges
Description
Detects Azure Function Apps that have been granted administrative role assignments. Function Apps with admin privileges represent a security risk since they could be exploited to gain extensive control over Azure resources and potentially compromise the entire environment.
Detection Strategy
• Scans all Azure Function Apps in the subscription
• Checks if any Function App has been assigned one of these administrative roles: Owner, Contributor, Role Based Access Control Administrator, User Access Administrator, or Access Review Operator Service Role
• Reports a vulnerability if a Function App is found with any of these admin role assignments
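The three steps above can be sketched offline as follows. This is an added example, not Fluid Attacks' own detection code. It assumes a Function App's role assignments are those held by its system- or user-assigned managed identities, and that input is shaped like `az functionapp list` and `az role assignment list --all` JSON output; all sample data and IDs are constructed.

```python
import json

# Administrative roles listed in the detection strategy above.
ADMIN_ROLES = {
    "Owner", "Contributor", "Role Based Access Control Administrator",
    "User Access Administrator", "Access Review Operator Service Role",
}

# Constructed sample data (placeholder IDs), shaped like az CLI JSON output.
UAMI = "/subscriptions/SUB/resourceGroups/rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/uami-reports"
FUNCTION_APPS = json.loads("""[
  {"name": "fa-billing", "identity": {"type": "SystemAssigned", "principalId": "p-0001"}},
  {"name": "fa-reports", "identity": {"type": "UserAssigned", "principalId": null,
     "userAssignedIdentities": {"%s": {"principalId": "p-0002"}}}},
  {"name": "fa-noid", "identity": null}
]""" % UAMI)
ROLE_ASSIGNMENTS = json.loads("""[
  {"principalId": "p-0001", "roleDefinitionName": "Owner", "scope": "/subscriptions/SUB"},
  {"principalId": "p-0002", "roleDefinitionName": "Storage Blob Data Reader", "scope": "/subscriptions/SUB/resourceGroups/rg"},
  {"principalId": "p-0002", "roleDefinitionName": "User Access Administrator", "scope": "/subscriptions/SUB/resourceGroups/rg"}
]""")

def principal_ids(app):
    """Principal IDs of the app's system- and user-assigned identities."""
    identity = app.get("identity") or {}  # apps without an identity report null
    ids = set()
    if identity.get("principalId"):
        ids.add(identity["principalId"])
    for uai in (identity.get("userAssignedIdentities") or {}).values():
        if uai.get("principalId"):
            ids.add(uai["principalId"])
    return ids

def find_admin_function_apps(apps, assignments):
    """Return (app name, role, scope) for every admin role held by an app identity."""
    findings = []
    for app in apps:
        ids = principal_ids(app)
        for ra in assignments:
            if ra.get("principalId") in ids and ra.get("roleDefinitionName") in ADMIN_ROLES:
                findings.append((app["name"], ra["roleDefinitionName"], ra["scope"]))
    return findings

if __name__ == "__main__":
    for name, role, scope in find_admin_function_apps(FUNCTION_APPS, ROLE_ASSIGNMENTS):
        print(f"{name}: {role} at {scope}")
```

Reporting the scope alongside the role helps triage: the same admin role is a much larger exposure at subscription scope than on a single resource group.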