If you have discovered or suspect a security vulnerability on any systems owned or operated by UC Berkeley, please report it immediately:
Report the vulnerability to the Information Security Office by emailing firstname.lastname@example.org
Please provide as much information as possible.
Never include sensitive information over email, instead, call us at: (510) 664-9000 (option 4).
Include in your report:
- Your name and contact information
- Which systems are affected (IP addresses, hostnames, URLs, etc.)
- Description of the security vulnerability and steps to reproduce the issue
- Date and time the vulnerability was discovered
- Any other known resources affected
If you are an approved participant in the UC Berkeley Vulnerability Disclosure Program:
Report the vulnerability as outlined here: Vulnerability Disclosure Program - Reporting Process