catalog logoThe IAM Privilege Catalog

risks / Logs exfiltration

Description

Allows an attacker to export logs from a system. Logs may contain sensitive customer or organizational data.

Risk: MEDIUM

Exploited in isolation, this risk has the potential to create operational burden or monetary costs, or access organizational secrets.

Mitigations

    (No mitigations for this risk)

Links

    (No links for this risk)

Affected Privileges

An attacker may be able to exploit this risk if they gain any of the following privileges:

Google Cloud Platform

cloudsql.users.create
cloudsql.users.update
logging.buckets.copyLogEntries
logging.fields.access
logging.links.create
logging.logEntries.download
logging.logEntries.list
logging.privateLogEntries.list
logging.views.listLogs
logging.views.update
© 2023–present P0 Security and contributors to the IAM Privilege Catalog