services / Azure / DNS AAAA record set
Azure DNS AAAA record set mapping a hostname to one or more IPv6 addresses within a DNS zone. Controls public name resolution to IPv6 endpoints for the domain.
Write access enables repointing traffic (domain takeover); delete breaks resolution (DoS).
Microsoft.Network/dnszones/AAAA/delete
Deleting the AAAA record set removes IPv6 name resolution for the hostname, destroying a network component and denying service.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog