CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
42.8%
This Microsoft Power BI Report Server security update resolves an escalation of privilege vulnerability. To learn more about the vulnerability, see CVE-2023-21809.
The following Power BI Report Server versions are updated in this security update:
The following file is available for download from the Microsoft Download Center.
This security update applies to all installed versions of Power BI Server.
For deployment information about this security update, see Deployments - Security Update Guide.
Power BI Report Server is updated to the following version in this security update.Product Name | Product version | File version |
---|---|---|
Power BI Report Server (January 2023) | 15.0.1111.115 | 1.16.8420.13742 |