Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Compete to become Power BI Data Viz World Champion! First round ends August 18th. Get started.

Reply
Anonymous
Not applicable

Confused by tenable.com on remote code execution vulnerability in Power BI Report Server

‎08-09-2021 08:30 AM

Dear Microsoft:

 

The following posting by tenable.com has alerted our CyberSecurity team to push us to find “Power BI Report Server version 2.94.921.0 or later” to address “remote code execution vulnerability”:

https://www.tenable.com/plugins/nessus/151623

 

Would you please clarify? On-premises Report Server version has not come out with this fix, if the information from tenable.com is correct:

https://docs.microsoft.com/en-us/power-bi/report-server/changelog

 

Thank you,

 

Michael Xu, P. Eng.

System Analyst, Information Systems

CNRL    +1 403-386-5168

Microsoft Certified: DA, DE, DS, DBA

MichaelXu_0-1628522938248.jpeg

 

 

Labels:
Message 1 of 4
1,231 Views
0
1 ACCEPTED SOLUTION
Anonymous
Not applicable
In response to d_gosbell

‎08-15-2021 12:27 PM

Thank you Icey and d_gosbell! Looking forward for the Microsoft official On-premises version of PowerBI Report Server and Desktop that will address this issue.

 

Thank you,

 

Michael Xu, P. Eng.

System Analyst, Information Systems

CNRL    +1 403-386-5168

Microsoft Certified: DA, DE, DS, DBA

MichaelXu_0-1629055424583.jpeg

 

 

View solution in original post

Message 3 of 4
1,111 Views
0
3 REPLIES 3
Icey
Community Support
Community Support

‎08-11-2021 07:10 PM

Hi @Anonymous ,

 

I agree with what @d_gosbell  said. 

 

And in addition, 2.94.921.0 is one version of Power BI Desktop June 2021. You can find the rules from these version numbers:

 

July 2021 Update (2.95.804.0)

June 2021 Update (2.94.781.0)

May 2021 Update (2.93.384.0)

April 2021 Update (2.92.706.0)

 

And from here, we can find that 2.94.921.0 is an update version of Power BI Desktop June 2021, published on June 30, 2021.

june 2021.PNG

 

 

Best Regards,

Icey

 

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Message 4 of 4
1,154 Views
0
d_gosbell
Super User
Super User

‎08-09-2021 04:41 PM

That version number is not in the range used by Power BI Server (the current May 2021 release is v1.11)

That looks like a Power BI Desktop number and if you follow the "see also" link on tenable it points to an article referencing an issue with Power BI Desktop. So indirectly this is probably also an issue with the May 2021 release of report server. The next release of Report Server is scheduled for September (they release 3 times a year in January, May and September) and it looks like this would probably include this fix (since it should include the yet to be released Sept update of PBI Desktop).

Otherwise you could try and make sure your users only use 3rd party visuals that your security department are happy with or you could try raising an official support ticket with Microsoft, but I think that would be a bit of a long shot.

Message 2 of 4
1,186 Views
Anonymous
Not applicable
In response to d_gosbell

‎08-15-2021 12:27 PM

Thank you Icey and d_gosbell! Looking forward for the Microsoft official On-premises version of PowerBI Report Server and Desktop that will address this issue.

 

Thank you,

 

Michael Xu, P. Eng.

System Analyst, Information Systems

CNRL    +1 403-386-5168

Microsoft Certified: DA, DE, DS, DBA

MichaelXu_0-1629055424583.jpeg

 

 

Message 3 of 4
1,112 Views
0

Helpful resources

Announcements
August Power BI Update Carousel

Power BI Monthly Update - August 2025

Check out the August 2025 Power BI update to learn about new features.

August 2025 community update carousel

Fabric Community Update - August 2025

Find out what's new and trending in the Fabric community.

View All