56 lines
2.6 KiB
Plaintext
56 lines
2.6 KiB
Plaintext
Custom roles that provide the same level of permissions as `Owner` might
|
|
indicate a configuration issue. Any entity assigned with it can perform any
|
|
action on the `Subscription` or `Management group`, including changing roles and
|
|
permissions.
|
|
|
|
If the affected role is unexpectedly assigned to users, they can compromise the
|
|
affected scope. They can do so in the long term by assigning dangerous roles to
|
|
other users or entities.
|
|
|
|
Depending on the scope to which the role is assignable, the exact impact of a
|
|
successful exploitation may vary. It generally ranges from data compromise to
|
|
the takeover of the cloud infrastructure.
|
|
|
|
==== Infrastructure takeover
|
|
|
|
By obtaining the right role, an attacker can gain control over part or all of
|
|
the Azure infrastructure. They can modify DNS settings, redirect traffic, or
|
|
launch malicious instances that can be used for various nefarious activities,
|
|
including launching DDoS attacks, hosting phishing websites, or distributing
|
|
malware. Malicious instances may also be used for resource-intensive tasks such
|
|
as cryptocurrency mining.
|
|
|
|
This can result in legal liability, but also increased costs, degraded
|
|
performance, and potential service disruptions.
|
|
|
|
Furthermore, corporate Azure infrastructures are often connected to other
|
|
services and to the internal networks of the organization. Because of this,
|
|
cloud infrastructure is often used by attackers as a gateway to other assets.
|
|
Attackers can leverage this gateway to gain access to more services, to
|
|
compromise more business-critical data, and to cause more damage to the overall
|
|
infrastructure.
|
|
|
|
==== Compromise of sensitive data
|
|
|
|
If the affected service is used to store or process personally identifiable
|
|
information or other sensitive data, attackers with the correct role could be
|
|
able to access it. Depending on the type of data that is compromised, it could
|
|
lead to privacy violations, identity theft, financial loss, or other negative
|
|
outcomes.
|
|
|
|
In most cases, a company suffering a sensitive data compromise will face a
|
|
reputational loss when the security issue is publicly disclosed.
|
|
|
|
==== Financial loss
|
|
|
|
Financial losses can occur when a malicious user is able to use a paid
|
|
third-party-provided service. Each users assigned with a bad role will be
|
|
able to use it without limit to use the third party service to their own need,
|
|
including in a way that was not expected.
|
|
|
|
This additional use will lead to added costs with the Azure service provider.
|
|
|
|
Moreover, when rate or volume limiting is set up on the provider side, this
|
|
additional use can prevent the regular operation of the affected environment.
|
|
This might result in a partial denial of service for all legitimate users.
|