CVE-2023-39338

Name of the Vulnerable Software and Affected Versions: Apache Sentry (affected versions not specified)

Description: An authenticated user (enrolled device) may access a service protected by Sentry even if they are not authorized according to the sentry policy to access that service. This does not enable the user to authenticate to or use the service, but provides tunnel access.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.