If you are using SQL Server Reporting Services, it is better to check your system if any vulnerability exists.
SQL Server Reporting Services (SSRS) provides a set of on-premises tools and services that create, deploy, and manage mobile and paginated reports.
Functionality within the SSRS web application allowed low privileged user accounts to run code on the server by exploiting a deserialisation issue. Although the application was only accessible to authorised users, the lowest privilege (the Browser role) was sufficient in order to exploit this issue.
Apply the February 2020 patch on the server. It should be noted that attackers can easily encode their requests to evade web application firewalls. As a result, patching would be the only robust option to stop this vulnerability.