Security Vulnerability Reporting Guidelines
Steps to Report a Vulnerability.
Please report any potential or real security vulnerability claim to the Vingcard Incident Response Team via e-mail at product.security@vingcard.com
Please encrypt your e-mail with PGP and this public key.
Please include the information below in your e-mail report:
- First and last name
- Company name
- Contact phone number (optional)
- Preferred e-mail contact
- General description of vulnerability
- Product containing vulnerability (hardware & software versions), part numbers
- Tools, hardware and other configurations required to trigger the event
- Any security or service pack updates applied
- Document instructions to reproduce the event
- Sample code, proof of concept or executable used to produce event
- Definition of how the vulnerability will impact a user including how the attacker could breach security on-site
- Affected product
- System Details (develop for range of Vingcard products)
- Technical Description and steps to reproduce
- PoC (link)
- Other parties and products involved
- Disclosure plans/Dates/drivers
- What was the purpose and scope of research being performed when found (context)?