catalog logoThe IAM Privilege Catalog

risks / Data discovery

Description

Allows an attacker to inventory stored data objects. May allow an attacker to focus attacks on specific data repositories. When object identifiers contain sensitive information (e.g. tenant identifiers), gives attackers access to this information.

Risk: LOW

This risk may assist in additional attacks, or gain access to confidential data that do not create organizational risk on their own.

Mitigations

  1. Avoid using sensitive data identifiers

Links

  1. https:/​/​attack.mitre.org/​techniques/​T1619/​

Affected Privileges

An attacker may be able to exploit this risk if they gain any of the following privileges:

Google Cloud Platform

appengine.applications.get
appengine.operations.get
appengine.operations.list
appengine.versions.get
appengine.versions.list
bigquery.datasets.get
bigquery.savedqueries.get
bigquery.savedqueries.list
billing.accounts.getPaymentInfo
cloudfunctions.functions.call
cloudfunctions.functions.get
cloudfunctions.functions.invoke
cloudfunctions.functions.list
cloudfunctions.operations.get
cloudfunctions.operations.list
container.secrets.get
container.secrets.list
datastore.entities.get
datastore.entities.list
datastore.indexes.get
datastore.indexes.list
datastore.namespaces.get
datastore.namespaces.list
pubsub.schemas.get
storage.buckets.get
storage.buckets.getObjectInsights
storage.buckets.list
storage.multipartUploads.list
storage.multipartUploads.listParts
storage.objects.get
storage.objects.list

© 2023–present P0 Security and contributors to the IAM Privilege Catalog