catalog logoThe IAM Privilege Catalog

services / Google Cloud / Compute Engine health checks

Create and manage legacy HTTPS health checks used by Cloud load balancers.

Exploitation relies on multiple additional exercisable risks, including poorly secured backend endpoints, the ability to route to this infrastructure, and provisioned forwarding rules to the subject backends.

compute.​httpsHealthChecks.​useReadOnly

When combined with tailored health checks, may make backend infrastructure unroutable for intended uses.

Risks

  1. Denial-of-service (HIGH)

Scope: MEDIUM

This privilege may grant access to confidential data, or its exploit can incur operational cost.

Links

  • https:​/​/​cloud.​google.​com/​load-​balancing/​docs/​health-​checks
  • https:​/​/​cloud.​google.​com/​sdk/​gcloud/​reference/​compute/​https-​health-​checks
  • https:​/​/​cloud.​google.​com/​compute/​docs/​reference/​rest/​v1/​httpsHealthChecks

    • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog