OwnCloud starts official Bug Bounty Program - Payments for valid Security Reports

Editorial_Staff_Team's picture

OwnCloud starts official Bug Bounty Program - Payments for valid Security Reports

These week the vulnerability laboratory core research team started to participate in the official bug bounty program of the OwnCloud company. OwnCloud is a suite of client-server software for creating file hosting services and using them.

The developers of the Open-Source Cloud service OwnCloud have announced a Bug Bounty program. Researchers will be rewarded with up to 500 USD for accepted bugs. OwnCloud uses the another platform  for its Bounty program.

What is the maximum bounty?  We are offering rewards up to $500 for security vulnerabilities depending on the impact.

Which versions of ownCloud are in scope?  The scope for the Security Bug Bounty Program starts with ownCloud version 8.1.2.

What if I report a duplicate vulnerability?  In case of duplicate reports we only reward the first reporter of the vulnerability.

Reference(s):

https://owncloud.com/introducing-the-owncloud-security-bug-bounty-program/

http://www.heise.de/security/meldung/Fuer-eine-Handvoll-Dollar-OwnCloud-zahlt-fuer-Schwachstellen-2794527.html

Rate this article: 
Average: 5 (4 votes)

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.