Bime


reports in last 90 days

8

disclosed resolved issues

0

disclosed informative issues

1

disclosed N/A issues

Listed on HackerOne — Updated on 2019/10/15

Bug Title Bug Type Found By Report Info Report Status

No rating SSRF issue

Command Injection - Generic 4lemon Time to triage: 5 Days and 18 hours


Time to close: 68 Days and 22 hours
Resolved

No rating Subdomain takeover at ws.bimedb.com due to unclaimed Amazon S3 bucket

None supplied sameoldstory Time to triage: 12 Days and 9 hours


Time to close: 0 Days and 0 hours
Resolved

No rating XXE in the Connector Designer

Information Disclosure agarri_fr Time to triage: 5 Days and 17 hours


Time to close: 9 Days and 0 hours
Resolved

No rating The JDBC driver used by the Vertica connector allows to create files on the backends

None supplied agarri_fr Time to triage: 5 Days and 11 hours


Time to close: 29 Days and 2 hours
Resolved

No rating SSRF in the Connector Designer (REST and Elastic Search)

Privilege Escalation agarri_fr Time to triage: 5 Days and 12 hours


Time to close: 32 Days and 12 hours
Resolved

No rating Attacker can access graphic representation of every query

Information Disclosure jobert Time to triage: 1 Days and 12 hours


Time to close: 6 Days and 4 hours
Resolved

No rating Urgent: attacker can access every data source on Bime

Information Disclosure jobert Time to triage: 1 Days and 13 hours


Time to close: 6 Days and 4 hours
Resolved

No rating Bime Unable to load Data Sources

Memory Corruption - Generic anish2good Issue was not triaged


Time to close: 0 Days and 3 hours
Not-applicable

No rating Subdomain takeover due to unclaimed Amazon S3 bucket on a2.bime.io

Cross-site Scripting (XSS) - Generic michiel Issue was not triaged


Time to close: 3 Days and 20 hours
Resolved