submit bug report: https://www.rackspace.com/information/legal/rsdpWe've designed our infrastructure and services for security, to protect our customers and their data. But if you discover a security vulnerability with any of our products, control panels, or other infrastructure, we want to know.
Reporting process
Security issues within our product offerings take a very high priority. We want to work with you to understand the scope of the vulnerability and ensure that we correct the problem fully.
1. Report a vulnerability by notifying us at
[email protected]. (If needed, you can encrypt your email using our public PGP key.) Please provide detailed information about the following:
The product, control panel, or infrastructure involved.
The steps required to reproduce the issue as well as any scripts or screenshots, if possible.
The impact of the vulnerability and how it can be exploited.
2. Once we receive your report, we will contact you to confirm we have received it within 5 business days.
3. Please do not post or share any information about a potential security vulnerability in any public setting until we have researched, responded to, and addressed the reported vulnerability and informed customers, if needed. Our products are complex, and reported security vulnerabilities will take time to investigate, address, and fix.
4) Rackspace does not have a monetary bug bounty program. For responsibly disclosed, new vulnerabilities, we have a hall of fame that can be found on this page.
Remember to use discretion when reporting issues and respect our customers’ and users’ data and privacy. Note that Rackspace may not be responsible for customer vulnerabilities. If you are unsure, let us know.
Security disclosure and notifications
For the protection of our customers, Rackspace Technology does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches, fixes, or releases are available. Rackspace Technology usually distributes security disclosures and notifications through blog posts and customer support portals.
Keeping our community safe
We would like to acknowledge the following people who have responsibly disclosed security vulnerabilities in the past. Thank you for your help in keeping our community safe.
Tom Maher
Daksh Patel*
Koutrouss Naddara
Kamil Sevi
Osanda Malith Jayathissa*
Rodolfo Godalle, Jr.
Sabari Selvan
Tikarye Ashish B.
Gurjant Singh Sadhra
Ishan Anand
Jayvardhan Singh
Ciaran McNally
Ketan Sirigiri
Sangeetha Rajesh S
Scott Glossop
Yasir Zargar
Joel Parker Henderson
Zeel Chavda
Noman Shaikh
Rishabh Sharma*
Shawar Khan
Zee Shan
Prial Islam
Zika Ds
Piyush Soni
Macall Salugsugan
Vineet Kumar
Andrew Stucki
Ben Leonard-Lagarde
Maksym Bendeberia (Websafety Ninja)
R Atikislam
Robbie Wiggins
Salonee Jaiswal
Pranav Bhandari
Ken Nevers @k3nundrum (Red Sea Information Security)
Aman Deep Singh Chawla
Quang Vu Dinh @vudq16 (NCSC VietNam)
Varun Gupta
John Moss (7 Elements)
Subhasish Mukherjee
Apoorva Jois
Pratik Dabhi LinkedIn / Twitter
K Mohammed Danish Faraz LinkedIn / Twitter
Ibrahim Saud M LinkedIn / Twitter
Wesley Kirkland LinkedIn
Pritam Mukherjee
Sadik Shaikh
Yunus Yıldırım
Shiraz Ali Khan
Ahmed Salah Abdalhfaz
Guillermo Gregorio
Ivan Pellino
Gourab Sadhukhan
Divya Singh
Cameron Walsh
Akash Rajendra Patil
Isa Ghojaria
Shubham Garg
Prince Prafull
Foysal Ahmed Fahim*
Harinder Singh (S1N6H)
Noah Wilcox
Abdullah Mudzakir
Mohammad Sleaman Ahmad (HamaGold)
Marcin Bukowski (insect.pl)
Joao Paulo Figueiredo Guedes
Ramansh Sharma
* Indicates two or more vulnerabilities have been reported
Note: While we sincerely appreciate reports for vulnerabilities of all severity levels, this listing is reserved for people who have reported previously unknown vulnerabilities, which Rackspace Technology has determined to be of a high or critical severity, or in cases where there has been continued research or other contributions made by the person.
Having trouble with an account?
If you’re a Rackspace Technology customer and you’re having difficulty accessing your account, or if you believe your account has been accessed without your authorization, please contact your support team.