services / Azure / Private DNS SRV record set
An SRV (service-location) record set within an Azure Private DNS zone, which advertises the host and port of internal services (e.g. LDAP, SIP, Kerberos) for resources in linked virtual networks.
SRV records direct service-discovery clients to host/port endpoints; manipulating them can redirect client traffic to attacker-controlled endpoints.
Microsoft.Network/privateDnsZones/SRV/write
Creating/replacing SRV records redirects internal service discovery to attacker-controlled hosts/ports, manipulating resolution and arbitrarily routing client traffic for that name.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog