CVE-2017-20217 in Serviio Proinformação

Sumário

de MITRE • 16/03/2026

Serviio PRO 1.8 contains an information disclosure vulnerability due to improper access control enforcement in the Configuration REST API that allows unauthenticated attackers to access sensitive information. Remote attackers can send specially crafted requests to the REST API endpoints to retrieve potentially sensitive configuration data without authentication.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulnCheck

Reservar

15/03/2026

Divulgação

16/03/2026

Moderação

aceite

Entrada

VDB-351170

CPE

pronto

CWE

CWE-306 (confirmado)

CVSS

7.5 (CNA)

EPSS

0.00136

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-20217
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-20217
CVE Details	https://www.cvedetails.com/cve/CVE-2017-20217/

◂ Voltar Visão Geral Próximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!