catalog logoThe IAM Privilege Catalog

risks / Automated data collection

Description

Allows an attacker to collect organizational data in a central location, or in an automatic fashion over time. Organizational data include application, customer, financial and operational data.

Risk: BOOST

This risk allows an attacker to significantly increase the scope of an attack, or the sensitivity of accessed systems.

Mitigations

    (No mitigations for this risk)

Links

  1. https:/​/​attack.mitre.org/​techniques/​T1119/​
  2. https:/​/​attack.mitre.org/​techniques/​T1530/​

Affected Privileges

An attacker may be able to exploit this risk if they gain any of the following privileges:

Google Cloud Platform

appengine.instances.enableDebug
compute.disks.addResourcePolicies
compute.disks.createSnapshot
compute.disks.use
compute.disks.useReadOnly
compute.instances.osAdminLogin
compute.instances.osLogin
compute.instances.sendDiagnosticInterrupt
compute.networks.mirror
compute.packetMirrorings.create
compute.packetMirrorings.update
datastore.entities.get
© 2023–present P0 Security and contributors to the IAM Privilege Catalog