Our Bug Bounty programme supports the reporting and quick elimination of security gaps (bugs) in our products and services. We invite both private individuals and organisations to report weak points to our Computer Security Incident Response Team (CSIRT).
Your report must contain all the information we need to trace the security gap. This includes:
All those involved in the collaboration between Swisscom and the security community observe the following rules:
Swisscom's understanding of responsible disclosure:
Swisscom CSIRT bears responsibility for a standardised procedure that accepts externally reported security gaps, rectifies and publishes them in a coordinated manner as appropriate.
|CVE-2015-6498||Home Device Manager, Alcatel-Lucent||Dr. Ulrich Fiedler,
|CVE-2015-1188||Swisscom DSL Router Centro Grande (ADB), ADB||Ivan Almuina|
|CVE-2015-1187||D-Link DIR636L, D-Link||Tiago Caetano Henriques|
|CVE-2014-3809||1830 Photonic Service Switch, Alcatel-Lucent||Stephan Rickauer|