MicrosoftKB5023884KB5023884 - Description of the security update for Power BI Report Server: January 2023
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
42.8%
KB5023884 - Description of the security update for Power BI Report Server: January 2023
Summary
This Microsoft Power BI Report Server security update resolves an escalation of privilege vulnerability. To learn more about the vulnerability, see CVE-2023-21809.
Affected versions
The following Power BI Report Server versions are updated in this security update:
- Power BI Report Server (September 2022) - Product version: 1.15.8377.1837, file version:15.0.1110.135 * Power BI Report Server (September 2022)- Product version:1.15.8300.38452, file version:15.0.1110.120 * Power BI Report Server (May 2022)- Product version:1.14.8179.37378, file version:15.0.1108.297
Resolution
The following file is available for download from the Microsoft Download Center.
- Power BI Report Server January 2023 security update - Download the package now
More information
Prerequisites
This security update applies to all installed versions of Power BI Server.
Security update deployment information
For deployment information about this security update, see Deployments - Security Update Guide.
Update version
| Power BI Report Server is updated to the following version in this security update.Product Name | Product version | File version |
|---|---|---|
| Power BI Report Server (January 2023) | 15.0.1111.115 | 1.16.8420.13742 |
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
42.8%