Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

The Power BI Data Visualization World Championships is back! Get ahead of the game and start preparing now! Learn more

Reply
Anonymous
Not applicable

CVE-2023-21806 should also be resolved on versions of Report Server at least 6 months old

‎03-07-2023 08:34 AM

This vulnerability is too high of a severity to not also address it earlier versions of Report Server with hotfixes or patches. Sept 2022 is still only 6 months away from the most recent version of Power BI Report Server. Forcing everyone to upgrade to Jan 2023 is heavy handed and something a start-up would do, not a Fortune 500 enterprise. Does Microsoft care about Report Server?

 

Likely many paying enterprises will not follow this guidance and will be vulnerable for some time because Microsoft refused to update such recent versions which are vulnerable because of their code. Very dissapointing.

 

CVE-2023-21806 - Security Update Guide - Microsoft - Power BI Report Server Spoofing Vulnerability

Message 1 of 1
739 Views
0
0 REPLIES 0

Helpful resources

Announcements
November Power BI Update Carousel

Power BI Monthly Update - November 2025

Check out the November 2025 Power BI update to learn about new features.

Fabric Data Days Carousel

Fabric Data Days

Advance your Data & AI career with 50 days of live learning, contests, hands-on challenges, study groups & certifications and more!

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All