catalog logoThe IAM Privilege Catalog

services / Google Cloud / Compute Engine packet mirroring

Packet mirroring allows duplication and forwarding of packets on a virtual private cloud.

Packet mirroring allows inspection of network traffic, allowing access to unencrypted network data.

compute.​packetMirrorings.​create

Consumes mirroring quota and incurs spend proportional to the amount of mirrored network data. When combined with a compromised instance (used as the packet collector), allows collection of network data.

Risks

  1. Automated data collection (BOOST)
  2. Spend (MEDIUM)
  3. Infrastructure consumption (LOW)

Scope: MEDIUM

This privilege may grant access to confidential data, or its exploit can incur operational cost.

Links

  • https:​/​/​cloud.​google.​com/​vpc/​docs/​packet-​mirroring
  • https:​/​/​cloud.​google.​com/​sdk/​gcloud/​reference/​compute/​packet-​mirrorings
  • https:​/​/​cloud.​google.​com/​compute/​docs/​reference/​rest/​v1/​packetMirrorings

    • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog