Rackspace Technology Security Vulnerability Reporting
Revised Miércoles, Mayo 18, 2022
We've designed our infrastructure and services for security, to protect our customers and their data. But if you discover a security vulnerability with any of our products, control panels, or other infrastructure, we want to know.
Reporting process
Security issues within our product offerings take a very high priority. We want to work with you to understand the scope of the vulnerability and ensure that we correct the problem fully.
1. Report a vulnerability by notifying us at security@rackspace.com. (If needed, you can encrypt your email using our public PGP key.) Please provide detailed information about the following:
- The product, control panel, or infrastructure involved.
- The steps required to reproduce the issue as well as any scripts or screenshots, if possible.
- The impact of the vulnerability and how it can be exploited.
2. Once we receive your report, we will contact you to confirm we have received it within 5 business days.
3. Please do not post or share any information about a potential security vulnerability in any public setting until we have researched, responded to, and addressed the reported vulnerability and informed customers, if needed. Our products are complex, and reported security vulnerabilities will take time to investigate, address, and fix.
4) Rackspace does not have a monetary bug bounty program. For responsibly disclosed, new vulnerabilities, we have a hall of fame that can be found on this page.
Remember to use discretion when reporting issues and respect our customers’ and users’ data and privacy. Note that Rackspace may not be responsible for customer vulnerabilities. If you are unsure, let us know.
Security disclosure and notifications
For the protection of our customers, Rackspace Technology does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches, fixes, or releases are available. Rackspace Technology usually distributes security disclosures and notifications through blog posts and customer support portals.
Keeping our community safe
We would like to acknowledge the following people who have responsibly disclosed security vulnerabilities in the past. Thank you for your help in keeping our community safe.
- Tom Maher
- Daksh Patel*
- Koutrouss Naddara
- Kamil Sevi
- Osanda Malith Jayathissa*
- Rodolfo Godalle, Jr.
- Sabari Selvan
- Tikarye Ashish B.
- Gurjant Singh Sadhra
- Ishan Anand
- Jayvardhan Singh
- Ciaran McNally
- Ketan Sirigiri
- Sangeetha Rajesh S
- Scott Glossop
- Yasir Zargar
- Joel Parker Henderson
- Zeel Chavda
- Noman Shaikh
- Rishabh Sharma*
- Shawar Khan
- Zee Shan
- Prial Islam
- Zika Ds
- Piyush Soni
- Macall Salugsugan
- Vineet Kumar
- Andrew Stucki
- Ben Leonard-Lagarde
- Maksym Bendeberia (Websafety Ninja)
- R Atikislam
- Robbie Wiggins
- Salonee Jaiswal
- Pranav Bhandari
- Ken Nevers @k3nundrum (Red Sea Information Security)
- Aman Deep Singh Chawla
- Quang Vu Dinh @vudq16 (NCSC VietNam)
- Varun Gupta
- John Moss (7 Elements)
- Subhasish Mukherjee
- Apoorva Jois
- Pratik Dabhi LinkedIn / Twitter
- K Mohammed Danish Faraz LinkedIn / Twitter
- Ibrahim Saud M LinkedIn / Twitter
- Wesley Kirkland LinkedIn
- Pritam Mukherjee
- Sadik Shaikh
- Yunus Yıldırım
- Shiraz Ali Khan
- Ahmed Salah Abdalhfaz
- Guillermo Gregorio
- Ivan Pellino
- Gourab Sadhukhan
- Divya Singh
- Cameron Walsh
- Akash Rajendra Patil
- Isa Ghojaria
- Shubham Garg
- Prince Prafull
- Foysal Ahmed Fahim*
- Harinder Singh (S1N6H)
- Noah Wilcox
- Abdullah Mudzakir
- Mohammad Sleaman Ahmad (HamaGold)
- Marcin Bukowski (insect.pl)
- Joao Paulo Figueiredo Guedes
- Ramansh Sharma
- Hammad Saleem
- Mir Umair Ali
- Amruta Ajay Kanade
* Indicates two or more vulnerabilities have been reported
Note: While we sincerely appreciate reports for vulnerabilities of all severity levels, this listing is reserved for people who have reported previously unknown vulnerabilities, which Rackspace Technology has determined to be of a high or critical severity, or in cases where there has been continued research or other contributions made by the person.
Having trouble with an account?
If you’re a Rackspace Technology customer and you’re having difficulty accessing your account, or if you believe your account has been accessed without your authorization, please contact your support team.