Skip to content

Security: CiscoPSIRT/openVulnAPI

Security

SECURITY.md

Security Policy

To learn about Cisco security vulnerability disclosure policies and publications, access the Cisco Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

All Cisco Security Advisories are published at: https://www.cisco.com/go/psirt

Reporting a Vulnerability

Individuals or organizations that are experiencing a product security issue are strongly encouraged to contact the Cisco PSIRT. Cisco welcomes reports from independent researchers, industry organizations, vendors, customers, and other sources concerned with product or network security. The minimal data needed for reporting a security issue is a description of the potential vulnerability.

Please contact the Cisco PSIRT using one of the following methods.

Emergency Support

  • Phone +1 877 228 7302 (toll-free within North America)
  • +1 408 525 6532 (International direct-dial)
  • Hours 24 hours a day, 7 days a week

Nonemergency Support

  • Email [email protected]
  • Hours Support requests that are received via email are typically acknowledged within 48 hours. Ongoing status on reported issues will be determined as needed.

Cisco encourages the encryption of sensitive information that is sent to Cisco in email messages. The Cisco PSIRT supports encrypted messages via PGP/GNU Privacy Guard (GPG). The Cisco PSIRT public key is available at the following link: https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html#cpsir

There aren’t any published security advisories