Help us keep the MPoC platform secure. Report responsibly, we respond within 7 business days.
Report any security vulnerabilities or concerns related to the MPoC Software, including but not limited to:
We follow a responsible disclosure policy and appreciate your cooperation. Key guidelines:
Infibeam Avenues is committed to protecting the rights of security researchers who responsibly disclose vulnerabilities. We will not take legal action against individuals who adhere to our responsible disclosure policy.
We value the efforts of security researchers and will acknowledge receipt of your report within 7 business days. We will keep you informed about the status and resolution of the reported issue.
Secure submission — encrypted in transit
Your report is sent securely to the Infibeam Avenues security team.
How we evaluate and prioritise reported vulnerabilities
| Common Vulnerabilities (CVEs) | Vulnerabilities listed in the National Vulnerability Database (NVD) and other recognised databases. |
| Security Advisories | Vulnerabilities reported in official advisories from software vendors or reliable sources. |
| Severity Level | Issues with a severity level that poses a credible threat to Infibeam Avenues systems, data, or operations. |
| Relevance to Environment | Vulnerabilities applicable to specific software versions and configurations used by Infibeam Avenues. |
| CIA Impact | Issues with significant impact on confidentiality, integrity, or availability of systems and data. |
| Known Exploits | Vulnerabilities with known exploits or active threats in the wild. |
| Compliance Violations | Issues that may lead to violations of regulatory compliance requirements. |
| Vendor Acknowledgment | Vulnerabilities acknowledged by the COTS vendor, especially where a patch or mitigation is available. |
| False Positives | Vulnerabilities identified as false positives after thorough investigation and verification. |
| Non-Applicable | Vulnerabilities not applicable to Infibeam Avenues specific software and hardware configurations. |
| Low-Impact Issues | Low severity vulnerabilities that do not pose a significant risk to operations. |
| Unsupported Software | Vulnerabilities in officially unsupported or legacy software components where upgrading is not feasible. |
| Known Mitigations | Vulnerabilities for which effective mitigations are already in place or can be readily implemented. |
| Patch Pending | Vulnerabilities where a vendor has acknowledged the issue and a patch is pending within an acceptable timeframe. |
| Low Exploit Probability | Vulnerabilities with a low probability of exploitation in the specific Infibeam Avenues environment. |
| Insignificant Impact | Vulnerabilities with insignificant impact on confidentiality, integrity, and availability of systems. |