Security bulletins and announcements
Planon uses various methods to communicate security vulnerability information to customers. Security Bulletins are used when publicly disclosing security vulnerabilities in Planon products. Alternative tools and processes may be used when appropriate, i.e. for underlying libraries, apps or phishing attempts., or, when discrete communication with entitled customers is required.
To protect our customers, security vulnerabilities are not publicly disclosed or confirmed until we have conducted an analysis of the product and issued fixes and/or mitigations. We may however respond to security issues found in other products to keep customers informed of the status while the investigation is still ongoing.
With Security Bulletins Planon notifies customers about potential vulnerabilities, but customers are responsible for assessing the impact of any actual or potential security vulnerability in the context of their environment. Given their sensitive nature, Security Bulletins do not include detailed vulnerability exploitation information.
Report a cybersecurity vulnerabilty
If you have discovered a security issue, please contact us by completing this pre-filled email.
Note: Only submissions in English will be accepted.
If the link above is not working for you please contact security@planonsoftware.com and include the following information:
Subject: Product Vulnerability Report - [title]
Body:
- First Name:
- Last Name:
- Email:
- Phone number:
- Country:
- Organization name (if applicable):
- Source Type:
- Product Line:
- Vulnerable Version:
- Vulnerability type [CWE ID if available]:
Providing personal information while reporting a vulnerability is optional and not mandatory.
Latest announcements and updates
If you have any questions, please reach out to us via the Planon Customer Portal
or send an email to support@planonsoftware.com.