Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Be one of the first to start using Fabric Databases. View on-demand sessions with database experts and the Microsoft product team to learn just how easy it is to get started. Watch now

Reply
Anonymous
Not applicable

CVE-2023-21806 should also be resolved on versions of Report Server at least 6 months old

‎03-07-2023 08:34 AM

This vulnerability is too high of a severity to not also address it earlier versions of Report Server with hotfixes or patches. Sept 2022 is still only 6 months away from the most recent version of Power BI Report Server. Forcing everyone to upgrade to Jan 2023 is heavy handed and something a start-up would do, not a Fortune 500 enterprise. Does Microsoft care about Report Server?

 

Likely many paying enterprises will not follow this guidance and will be vulnerable for some time because Microsoft refused to update such recent versions which are vulnerable because of their code. Very dissapointing.

 

CVE-2023-21806 - Security Update Guide - Microsoft - Power BI Report Server Spoofing Vulnerability

Message 1 of 1
520 Views
0
0 REPLIES 0

Helpful resources

Announcements
Las Vegas 2025

Join us at the Microsoft Fabric Community Conference

March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!

Dec Fabric Community Survey

We want your feedback!

Your insights matter. That’s why we created a quick survey to learn about your experience finding answers to technical questions.

ArunFabCon

Microsoft Fabric Community Conference 2025

Arun Ulag shares exciting details about the Microsoft Fabric Conference 2025, which will be held in Las Vegas, NV.

December 2024

A Year in Review - December 2024

Find out what content was popular in the Fabric community during 2024.

View All