{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-16T00:37:30.040","vulnerabilities":[{"cve":{"id":"CVE-2018-6586","sourceIdentifier":"vuln@ca.com","published":"2018-03-29T13:29:00.397","lastModified":"2024-11-21T04:10:56.923","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing."},{"lang":"es","value":"CA API Developer Portal desde la versión 3.5 hasta la 3.5 CR6 tiene una vulnerabilidad Cross Site Scripting almacenado relacionada con el procesamiento de las imágenes de perfil."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"vuln@ca.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ca:api_developer_portal:3.5:*:*:*:*:*:*:*","matchCriteriaId":"6B1D3292-BF44-4777-9ED2-CB54887C0B43"},{"vulnerable":true,"criteria":"cpe:2.3:a:ca:api_developer_portal:3.5:cr1:*:*:*:*:*:*","matchCriteriaId":"8DDCE212-50AF-4545-A7A0-A0F10B9BF22F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ca:api_developer_portal:3.5:cr2:*:*:*:*:*:*","matchCriteriaId":"C316E3B3-D22C-431F-8582-EC4E3DDE28EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:ca:api_developer_portal:3.5:cr3:*:*:*:*:*:*","matchCriteriaId":"E4CD7D90-B135-4B66-8E30-5F20BFCD4C5F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ca:api_developer_portal:3.5:cr4:*:*:*:*:*:*","matchCriteriaId":"B86B0867-46CD-40E9-AEB4-05607E1F4EE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:ca:api_developer_portal:3.5:cr5:*:*:*:*:*:*","matchCriteriaId":"F9188775-D7B6-4A69-8C52-036CD72B244C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ca:api_developer_portal:3.5:cr6:*:*:*:*:*:*","matchCriteriaId":"C120F5A2-A86B-4B62-A9C1-02255BF99277"}]}]}],"references":[{"url":"http://www.securitytracker.com/id/1040603","source":"vuln@ca.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180328-01--security-notice-for-ca-api-developer-portal.html","source":"vuln@ca.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securitytracker.com/id/1040603","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180328-01--security-notice-for-ca-api-developer-portal.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}