Data manipulation

The IAM Privilege Catalog

risks / Data manipulation

Description

Allows an attacker to insert, delete, or manipulate organizational data. This may be done to evade detection or impact business/operational processes.

Risk: HIGH

Exploited in isolation, this risk has the potential to disrupt ancillary organization operations, cause reputational damage, or run afoul of compliance requirements.

Mitigations

Data encryption
Network segmentation
Data backup
Least privilege permissions

Links

https://attack.mitre.org/techniques/T1565/

Affected Privileges

An attacker may be able to exploit this risk if they gain any of the following privileges:

Google Cloud Platform

appengine.memcache.update

cloudfunctions.functions.call

cloudfunctions.functions.invoke

cloudfunctions.functions.sourceCodeSet

cloudkms.cryptoKeyVersions.useToSign

cloudsql.instances.import

cloudsql.users.create

cloudsql.users.update

container.nodes.update

container.services.proxy

iam.serviceAccounts.signBlob

pubsub.topics.publish

run.jobs.runWithOverrides

run.jobs.update

run.services.update

© 2023–present P0 Security and contributors to the IAM Privilege Catalog