Richtlinien zur verantwortungsvollen Offenlegung

image

Richtlinien zur verantwortungsvollen Offenlegung

Information, data and its supporting processes, information systems and networks are vital to the business of Bühler and our customers and other business partners. The preservation of confidentiality, integrity and availability of valuable information is a major aspect to value the trust our customers and business partners place in us.

+

Reporting Vulnerabilities

If you find security issues or vulnerabilities, we would appreciate it if you report them through our vulnerability disclosure program, which is operated by our partner Intigriti. To report, you need an account with Intigriti, which can be easily created here.

If you want to contact our information security team for any other purposes, please use the email address security[at]buhlergroup.com

Hall of Fame

The current leaderboard can be found here.
The following people have reported valid security issues until 2023 and helped us make Bühler more secure:

 

Credits

Datum

Beschreibung

Gokul Sudhakar

April 2023

Reported two issues in services of third party providers.

Shlok K

February 2023

Reported a security misconfiguration on a publicly exposed system.

Himanshu Sondhi

February 2023

Reported a vulnerability in a publicly exposed test system.

Athbi

January 2023

Reported two authentication/authorization issues on API endpoints of a web application.

Vishal Vishwakarma

January 2023

Reported a vulnerable component in a service of a third party provider.

Raju Basak+ Pagli 

November 2022

Reported a valid vulnerability in a web application.

Bibek Shah

October 2022

Performed and reported subdomain takeover on two subdomains

Haidder Ali Chatha

September 2022

Meldung verschiedener valider Schwachstellen in einer Webanwendung

Shashank Sawant

  Mai 2022

Meldung einer validen Schwachstelle in einer Webanwendung

Huzefa Surme

Januar 2022

Meldung einer validen Schwachstelle in einer Webanwendung

Rushabh Vyas

Januar 2022

Meldung einer validen Schwachstelle in einer Webanwendung

Ravindra Dagale

Oktober 2021

Meldung einer angreifbaren, veralteten Komponente in einer Webanwendung

Yunus Yildirim

Oktober 2021

Meldung einer validen Schwachstelle in einer Webanwendung

Mohammed Eldawody

August 2021

Meldung von vier validen Sachverhalten mit gut dokumentierten Erläuterungen