CVE-2020-1173

6.8MEDIUM

Key Information:

Vendor: Microsoft
Status: Power Bi Report Server
Vendor: CVE Published:; 21 May 2020

Summary

A spoofing vulnerability exists in Microsoft Power BI Report Server in the way it validates the content-type of uploaded attachments, aka 'Microsoft Power BI Report Server Spoofing Vulnerability'.

Affected Version(s)

Power BI Report Server = unspecified

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
May 21, 2020
Vulnerability Reserved
Nov 4, 2019

Collectors

NVD DatabaseMitre Database