Missing Authorization
An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS without being authorized by Apache Sentry This can allow an attacker unauthorized access to the partitioned data of a Sentry protected table and can allow an attacker to remove data from a Sentry protected table.