CVE-2021-41372

🗓️ 10 Nov 2021 00:46:45Reported by microsoftType

Power BI Report Server Spoofing Vulnerabilit

Reporter	Title	Published	Views	Family All 12
CNNVD	Microsoft Power BI Report Server 跨站脚本漏洞	9 Nov 202100:00	–	cnnvd
Cvelist	CVE-2021-41372 Power BI Report Server Spoofing Vulnerability	10 Nov 202100:46	–	cvelist
EUVD	EUVD-2021-28400	3 Oct 202520:07	–	euvd
Microsoft KB	Escalation of privilege possible in Power BI Report Server (September, May 2021): March 4, 2022 (KB5007903)	9 Nov 202108:00	–	mskb
Kaspersky	KLA12344 SUI vulnerability in Microsoft SQL Server	9 Nov 202100:00	–	kaspersky
Microsoft CVE	Power BI Report Server Spoofing Vulnerability	9 Nov 202108:00	–	mscve
NCSC	Vulnerability fixed in Microsoft SQL Server	9 Nov 202100:00	–	ncsc
NVD	CVE-2021-41372	10 Nov 202101:19	–	nvd
OSV	CVE-2021-41372	10 Nov 202101:19	–	osv
Prion	Cross site request forgery (csrf)	10 Nov 202101:19	–	prion

NVD

Vulners

Node

microsoft power_bi_report_serverMatch15.0.1107.165

[
  {
    "vendor": "Microsoft",
    "product": "Power BI Report Server version 1.11.8091.10468",
    "cpes": [
      "cpe:2.3:a:microsoft:power_bi_report_server:*:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "1.0.0.0",
        "lessThan": "15.0.1106.457",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Power BI Report Server version 1.12.7977.29537",
    "cpes": [
      "cpe:2.3:a:microsoft:power_bi_report_server:*:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "1.0.0.0",
        "lessThan": "15.0.1107.165",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Source	Link
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41372

24 Feb 2026 18:27Current

7.4High risk

Vulners AI Score7.4

CVSS 26.8

CVSS 3.17.6 - 9.6

EPSS0.00233

cve-2021-41372 power bi report server spoofing vulnerability nvd