Request demo
HERE Technologies/Here Technologies/Detail
Detail Updates Leaderboard
sort by
Last published
Tier 3 scope update - please report us Spring4Shell!
4/1/2022, 5:49:52 PM (about 2 years ago)

Hi Intigriti!
As always, we need your help to make sure there are no customer facing HERE applications which are affected by recent Spring4Shell vulnerability (CVE-2022-22965).
We just updated Tier 3 (*.here.com, *.hereapi.com) scope with this new info. Hope you will be able to find some time and help us find something what our eye's might have missed!
Stay tuned!

Scope extended: "HERE Routing" added
3/28/2022, 7:41:04 PM (about 2 years ago)

Hi Intigriti!
We wanted to let you know that we just extended scope of our program! One of our current goals is to make sure that HERE “Location Services”, which are used all over the world to make our lives easier when we are dealing with travelling from point A to point B, are secure and safe to use. And we need your help to achieve this goal! I’m excited to announce that today we made our first step towards it by adding into scope services which represent HERE Routing eco system. Hope you’ll be able to help us verify that everything is good from security perspective there!

Scope update: help us respond to Log4J RCE vulnerability (*.here.com)
12/20/2021, 4:19:06 PM (over 2 years ago)

Hi Intigriti!
Last several days was real fun for our security team - handling such a big thing like Log4J RCE vulnerability is always a good exercize.
As a part of our response to this vulnerablity - we need your help - we are extending our scope to *.here.com (Tier 3) for this specific RCE vulnerability (CVE-2021-44228) and hope you will be able to help us find something what our eye's might have missed!