Logo
Contact Sales

Reporting Security Issues

At ORENCloud, we prioritize the security of our systems and the protection of our users’ data. We value the contributions of security researchers and encourage responsible disclosure of any vulnerabilities discovered within our applications or infrastructure.

How to Report a Vulnerability

If you identify a potential security vulnerability in any of ORENCloud’s services, please report it to us through the following means:

  • Email: Send a detailed description of the vulnerability to [email protected]. Please include all necessary information to help us understand the nature and scope of the issue.

Guidelines for Reporting

When reporting a vulnerability, please:

  • Provide Detailed Information: Include a clear and concise description of the vulnerability, steps to reproduce it, and any potential impact.
  • Avoid Public Disclosure: Do not publicly disclose the vulnerability until we have had an opportunity to address it. This helps prevent malicious actors from exploiting the issue before a fix is implemented.
  • Use Test Environments: Conduct your testing on non-production environments to avoid any disruption to our services and users.

Scope of Vulnerabilities

We are particularly interested in vulnerabilities that could compromise the integrity, availability, or confidentiality of our services, including but not limited to:

  • Remote Code Execution
  • SQL Injection
  • Authentication Bypass
  • Privilege Escalation
  • Cross-Site Scripting (XSS)
  • Cross-Site Request Forgery (CSRF)

Non-Qualifying Vulnerabilities

While we appreciate all reports, certain issues are considered out of scope for our security program, such as:

  • Missing HTTP Security Headers
  • Clickjacking on Pages with No Sensitive Actions
  • Denial of Service (DoS) Attacks
  • Reports from Automated Tools without Proof of Exploitability

Our Commitment

Upon receiving a vulnerability report, we commit to:

  • Acknowledgment: Acknowledge receipt of your report within 5 business days.
  • Assessment: Assess the reported vulnerability and determine its impact.
  • Resolution: Work diligently to remediate confirmed vulnerabilities in a timely manner.
  • Communication: Keep you informed of the status of your reported vulnerability throughout the process.

Recognition

We appreciate the efforts of security researchers who help us maintain the security and integrity of our services. With your consent, we would be happy to acknowledge your contributions publicly.

Legal

Please note that your testing must not violate any applicable laws or regulations. By reporting a vulnerability, you agree to permit ORENCloud to use the information provided to remediate the vulnerability and for any other lawful purpose.

Contact Us

If you have any questions or need further information, please contact us at [email protected].

Thank you for helping us keep ORENCloud and our users safe.

AI Powered Business Communication​ For All Business Sizes

We provide cloud communication solutions including hosted telephony, voice solutions, helpdesk, omnichannel systems, and contact centres. Our technology and experienced professionals optimise your operations and deliver superior customer experiences. Join us to revolutionise your cloud communication journey.

Privacy Policy  Software Policy  Terms and Conditions No Spam Policy Fair Usage Policy Responsible Disclosure Policy Equal Opportunity Policy

Products

CloudOffice
Cloud Contact Center
ORENdesk
WithTeams
OMNI
SIP Trunking

ORENCloud UC Android   ORENCloud UC iOS    ORENCloud UC Mac  ORENCloud UC Windows

 
 

Resources

Contact

CSR
Partnership
Contact Us

ORENCloud Twitter  ORENCloud Facebook  ORENCloud Instagram  ORENCloud LinkedIn

ORENCloud Twitter  ORENCloud Facebook  ORENCloud Instagram  ORENCloud LinkedIn