catalog logoThe IAM Privilege Catalog

risks / Metadata exfiltration

Description

Allows an attacker to read object metadata. This may contain sensitive data (for example customer identifiers or the like).

Risk: MEDIUM

Exploited in isolation, this risk has the potential to create operational burden or monetary costs, or access organizational secrets.

Mitigations

    (No mitigations for this risk)

Links

    (No links for this risk)

Affected Privileges

An attacker may be able to exploit this risk if they gain any of the following privileges:

Google Cloud Platform

logging.logMetrics.get
logging.logMetrics.list
© 2023–present P0 Security and contributors to the IAM Privilege Catalog