Reserved my first CVE. What now?

Throw away account.

At my last employer i discovered a secrity flaw in one of our bought industry software (publicly available, industry specific, mid-sized vendor software). The software used fixed credentails within the source code to encrypt sensitive information. I´ve confronted the company which made the software. They confirmed the situation but ignored the potential security flaw. Back then I couldn´t do anymore because my boss didn´t want any drama associated with this software company.

Now, a year later, I …

account back boss code cve cybersecurity drama employer encrypt flaw industry information security sensitive information software source code the company vendor