Lucene search
GoogleOSV:GHSA-6XHJ-P29V-82J8HistoryMay 13, 2022 - 1:53 a.m.
Apache Sentry may allow attacker to access/remove data from Sentry protected table
2022-05-1301:53:29
Google
osv.dev
6
0.001 Low
EPSS
Percentile
31.2%
An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS without being authorized by Apache Sentry before 2.0.1. This can allow an attacker unauthorized access to the partitioned data of a Sentry protected table and can allow an attacker to remove data from a Sentry protected table.
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.apache.sentry:sentry | eq | 2.0.0 | |
| org.apache.sentry:sentry | eq | 1.7.1 | |
| org.apache.sentry:sentry | eq | 1.7.0 | |
| org.apache.sentry:sentry | eq | 1.8.0 |
Related
cve
cve
CVE-2018-8028
2018-08-23 15:29:01
veracode
veracode
Unauthorized Modification
2019-07-08 10:49:49
prion
prion
Code injection
2018-08-23 15:29:00
nvd
nvd
CVE-2018-8028
2018-08-23 15:29:01
cvelist
cvelist
CVE-2018-8028
2018-08-23 15:00:00
github
github
osv
osv
CVE-2018-8028
2018-08-23 15:29:01