Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2461


Vulnerability Score 5.0 5.0
CVE Id CVE-2006-2461
Last Modified 07 Mar 2011 09:36:14
Published 19 May 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



BEA WebLogic Server before 8.1 Service Pack 4 does not properly set the Quality of Service in certain circumstances, which prevents some transmissions from being encrypted via SSL, and allows remote attackers to more easily read potentially sensitive network traffic.

Vulnerable Systems


  • Bea Weblogic Server 8.1


SECTRACK - 1016102

SECUNIA - 20130

BEA - BEA06-132.00

VUPEN - ADV-2006-1828

XF - weblogic-transaction-channel-insecure(26459)

Last Updated: 27 May 2016 10:42:28