← Back to CVE List
CVE-2018-8028
An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS without being authorized by Apache Sentry before 2.0.1. This can allow an attacker unauthorized access to the partitioned data of a Sentry protected table and can allow an attacker to remove data from a Sentry protected table.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt