Tesla paid a $10,000 bounty for a vulnerability in Microsoft SQL Server Reporting Services (SSRS) that had received a patch five days before getting the bug report. The issue was tagged as a server-side injection that led to remote code execution. German bug hunter parzel found it in a Tesla server for partners, which qualified for a reward. Tesla responded to parzel’s report by acknowledging the security lapse and taking the vulnerable service offline. The report was made public on Wednesday.
Source: https://www.bleepingcomputer.com/news/security/tesla-pays-10k-for-microsoft-sql-server-reporting-services-bug/