Role(s) | Phase(s) | Problem | Description | Tips |
---|---|---|---|---|
Reporter | Validation and Triage | Vendor explicitly declines to take action on a report |
Assuming both conditions above have been met, the validation and triage phase has concluded, and the vendor has indicated that they will not be engaging in the remediation phase. | The reporter's implied obligation to the vendor coordination process is effectively terminated at this point. Assuming the reporter chooses to continue pursuing the issue at all, their options include:
|
Vendor / Coordinator / Reporter | Discovery Reporting Validation and Triage Remediation | Evidence of exploitation for an embargoed report |
| At this point, the embargo is effectively moot, and the Public Awareness phase is initiated regardless of whether the preceding phases have completed. Vendors, Coordinators, and Reporters should always be ready to immediately terminate an embargo and go public with whatever advice is available at the time that evidence of exploitation becomes known. Even a simple Vendor acknowledgement that the problem is being worked on can help deployers adjust their response accordingly. |
Reporter | Reporting | Unable to find vendor contact |
| |