Reporting a potential security vulnerability

If you see a potential IBM Cloud security vulnerability, report it by completing the following steps:

1. Open a severity 1 case or a case of the highest severity level that your support allows. For information about how to open a case, see Creating support cases.
2. Clearly describe in the case summary that the case is about a potential security vulnerability.
3. Provide details of the potential security vulnerability by including one of the following items:
   • A phone number at which you can be reached to discuss the issue.
   • Details of the issue. You must encrypt the details as a block of text in the body of the case. You must also provide instructions on how IBM Support can securely contact you to get decryption instructions.