Share via

How to Fix IIS Short Filename Vulnerability in Web Services of Microsoft SQL Server Reporting Services Version 13.0.4199.0

炜 张 0 Reputation points
2023-03-20T06:25:43.9666667+00:00

The IIS 8.3 short file name vulnerability exists in the SSRS web service, and the setting of the iis root node cannot be repaired. Where can I fix the vulnerability of this dummy site

Windows development | Internet Information Services
SQL Server Reporting Services
SQL Server Reporting Services
A SQL Server technology that supports the creation, management, and delivery of both traditional, paper-oriented reports and interactive, web-based reports.
3,063 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2023-03-20T07:56:04.26+00:00

    Hi @炜 张

    I am responsible for SSRS related issues. In fact I am not very familiar with IIS. From what I've searched, blocking requests containing the "~" character might be a workaround for virtual websites if you can't fix the IIS root settings.

    For more details, you can check this link: https://adrianjnkns.medium.com/iis-shortname-vulnerability-67f933849943.

    Hope this helps you.

    If the answer is helpful, please click "Accept Answer" and upvote it. If you have any questions, please feel free to let me know.

    Best regards,

    Aniya

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.