GCP - Secretmanager Privesc
secretmanager
For more information about secretmanager:
pageGCP - Secrets Manager Enumsecretmanager.versions.access
secretmanager.versions.access
This give you access to read the secrets from the secret manager and maybe this could help to escalate privielegs (depending on which information is sotred inside the secret):
As this is also a post exploitation technique it can be found in:
pageGCP - Secretmanager Post Exploitationsecretmanager.secrets.setIamPolicy
secretmanager.secrets.setIamPolicy
This give you access to give you access to read the secrets from the secret manager.
Last updated