Report #30813

Application level denial of service leads crash down website and server

Immunefi Response

Thank you for your submission to the Beanstalk bug bounty program. Unfortunately, after reviewing your report, Immunefi has decided to close it due to the assessed impact being out of scope.

Immunefi review:

• The claimed impact A temporary or self-correcting loss of website availability (e.g. a mitigatable vulnerability to DDoS) by the whitehat is in the scope of the bug bounty program but the assessed impact doesn't match with the claimed impact for the following reasons.
• After the review, Triaging concluded that the issue reported by the whitehat is not valid, as the proof of concept from the Burp Suite tool yielded an HTTP 400 Bad Request response and failed to demonstrate the alleged impact of website unavailability.
• assessed asset by the triage team is in scope for the bug bounty program
• PoC has been submitted to the project

Please note that the project will receive a report of the closed submission and may choose to re-open it, but they are not obligated to do so.