Open to people in Finland

Ulkoministeriö Bug Bounty - Ministry for Foreign Affairs of Finland

Ministry for Foreign Affairs in Finland Bug Bounty. Are there vulnerabilities in the Minstry web site?

100€ - 5000€

2.12.2019 at 12.00 - 1.6.2020

Report     Rules (in Finnish)

Ministry for Foreign Affairs

The Ministry for Foreign Affairs promotes the security and welfare of Finland and the Finns, and works for a secure and fair world.

Program in a nutshell

The current scope from 9.3.2020 is:

Note the current restrictions and limitations. These may change at some point which will be separately communicated:

  • WWW-functionality only (i.e. http/https-protocols).
  • Ways to change the text on the website is of special interest. However, if you can inject content into the website, please do it in non-visible manner (HTML comments, background coloured text etc).
  • No denial of service tests
  • If you can access any kind of user information or personally identifiable information, do not load or transfer them any more than necessary to show the vulnerability.
  • If you send in a misuse report at the Väärinkäyttöilmoitus site, you must use the text "BUG BOUNTY TEST 2020" as part of the subject line.
  • You may not take part in the Väärinkäyttöilmoitus bug bounty if you work with the said system.

Read the rules. If you have trouble understanding Finnish, let us know and we'll translate.

  • You need to have a Finnish bank account and be a Finnish tax subject to take part in the program. You don't need to be a citizen. Bounties can be paid only to a Finnish bank account with a Finnish tax paperwork.
  • Use the reporting portal to report a vulnerability and do not publish it elsewhere.
  • If you don't know whether something is allowed or may cause issues with the targets, ask Hackrfi staff via the reporting portal
  • If you can access the server operating system, do not pivot to other hosts from there.

The shorthand name for this program in our reporting portal is UM (which comes from the word Ulkoministeriö).

Ministry for Foreign affairs cares about security, thank you!

Rules (in Finnish)     Report a vulnerability

Do you want to become a bug bounty hunter?

Create an account to our reporting portal, where you can submit reports to open programs.