CVE-2018-8028

Published: Aug 23, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS without being authorized by Apache Sentry before 2.0.1. This can allow an attacker unauthorized access to the partitioned data of a Sentry protected table and can allow an attacker to remove data from a Sentry protected table.

Vendor	Product	Versions
Apache Software Foundation	Apache Sentry	affected `Apache Sentry 2.0.0`

References

https://cwiki.apache.org/confluence/display/SENTRY/Vulnerabilities+found+in+Apache+Sentry

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-8028

Description

Affected Products

References