services / Azure / Traffic Manager Azure endpoint
A Traffic Manager Azure endpoint is a configured backend target (an Azure resource) within a Traffic Manager profile that receives DNS-routed traffic. It defines part of a public-facing service's routing.
Endpoint configuration determines where a public domain's traffic is directed.
Microsoft.Network/trafficManagerProfiles/azureEndpoints/write
Adding/updating an endpoint changes where the profile's DNS name routes traffic, letting an attacker redirect domain traffic to a controlled target (hijack), alter routing config, or disable a legitimate endpoint to deny service.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog