Apache Ozone is an application. A scalable, redundant and distributed object store for Hadoop and cloud-native environments, an access control error vulnerability exists in Apache Ozone that stems from the product not adding valid permissions for access to OM, SCM and Datanode metadata. An attacker could access sensitive data through this vulnerability.