Responsible Disclosure

We welcome any information from external parties and members of TU Braunschweig that helps us to achieve the protection goals of information security and to secure our systems. If you have discovered a vulnerability that affects one of our systems, please contact us. Please use our e-mail address or our contact form.

Please note:

• Unfortunately, as a public institution, we cannot offer you a financial reward (Bug Bounty).
• At your request, we can provide you with a thank you letter if
  • we can verify the vulnerability,
  • it is the first report of this vulnerability,
  • the report contains a good and realistic attack scenario for the vulnerability and
  • we assess the discovery as a real risk for the systems or users of TU Braunschweig.

Please note that feedback from our side may be delayed after an initial confirmation as long as we are busy assessing the vulnerability found.