CVE-2006-2461
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
19/05/2006
Last modified:
03/04/2025
Description
BEA WebLogic Server before 8.1 Service Pack 4 does not properly set the Quality of Service in certain circumstances, which prevents some transmissions from being encrypted via SSL, and allows remote attackers to more easily read potentially sensitive network traffic.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://dev2dev.bea.com/pub/advisory/194
- http://secunia.com/advisories/20130
- http://securitytracker.com/id?1016102=
- http://www.vupen.com/english/advisories/2006/1828
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26459
- http://dev2dev.bea.com/pub/advisory/194
- http://secunia.com/advisories/20130
- http://securitytracker.com/id?1016102=
- http://www.vupen.com/english/advisories/2006/1828
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26459