Hi @Jason Huang ,
Generally, I would say no. The security vulnerability is not quite relative with whether SQL Server or SSRS server are installed in one machine. SSRS has its own execution account and service account. The two server are in this perspective independent .
BTW, if we install them on different server, for each server we would need one independent license.
Regards,
Joy
If the answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.