Lucene search
HistoryMay 19, 2006 - 10:02 a.m.
CVE-2006-2461
cve-2006-2461
bea weblogic server
ssl encryption
quality of service
sensitive network traffic
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
High
0.015 Low
EPSS
Percentile
87.2%
BEA WebLogic Server before 8.1 Service Pack 4 does not properly set the Quality of Service in certain circumstances, which prevents some transmissions from being encrypted via SSL, and allows remote attackers to more easily read potentially sensitive network traffic.
Affected configurations
Node
beaweblogic_serverMatch8.1
ORbeaweblogic_serverMatch8.1sp1
ORbeaweblogic_serverMatch8.1sp2
ORbeaweblogic_serverMatch8.1sp3
| CPE | Name | Operator | Version |
|---|---|---|---|
| bea:weblogic_server | bea weblogic server | eq | 8.1 |
Related
prion
prion
Code injection
2006-05-19 10:02:00
Code injection
2007-08-31 00:17:00
nvd
nvd
CVE-2006-2461
2006-05-19 10:02:00
CVE-2007-4613
2007-08-31 00:17:00
cvelist
cvelist
CVE-2006-2461
2006-05-19 10:00:00
CVE-2007-4613
2007-08-31 00:00:00
cve
cve
CVE-2007-4613
2007-08-31 00:17:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
High
0.015 Low
EPSS
Percentile
87.2%
Related for CVE-2006-2461