services / Azure / Virtual WAN
A Virtual WAN is the top-level Azure networking construct that aggregates and interconnects virtual hubs, VNets, site-to-site/point-to-site VPN, and ExpressRoute connectivity into a managed SD-WAN backbone.
Acts as the connectivity fabric for a single organizational network function; compromise affects routing and reachability across all attached hubs and sites.
Microsoft.Network/virtualWans/vpnconfiguration/action
Gets a VPN configuration that returns connection profile material including pre-shared keys/credentials, letting an attacker establish a tunnel into the private network.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog