services / Azure / Bastion Host
Azure Bastion is a managed PaaS jump host deployed in a VNet that brokers secure browser-based RDP/SSH connectivity to VMs without exposing public IPs on those VMs.
In production it is the secure-access entry point into a private network, so anyone who controls or observes it affects the reachability of every VM behind it.
Microsoft.Network/BastionHosts/getsessionrecordingsasurl/action
Calling this action returns a storage URL that embeds a SAS token, a bearer credential granting direct access to the recorded administrative sessions. A holder of this privilege therefore obtains both the SAS token itself and the sensitive session recordings it unlocks.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog