risks / Metadata destruction

Description

Allows an attacker to delete metadata. Can be impactful if those metadata are used operationally (e.g. timestamp filtering, customer identification, etc.).

Risk: MEDIUM

Exploited in isolation, this risk has the potential to create operational burden or monetary costs, or access organizational secrets.

Mitigations

  1. Backup metadata
  2. Define metadata using infrastructure-as-code

Links

    (No links for this risk)

Affected Privileges

An attacker may be able to exploit this risk if they gain any of the following privileges:

Google Cloud Platform

Kubernetes

© 2023–present P0 Security and contributors to the IAM Privilege Catalog