PT-2006-3409 · Bea · Bea Weblogic Server

Published

2006-05-19

Updated

2017-07-20

CVE-2006-2461

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions BEA WebLogic Server versions prior to 8.1 Service Pack 4

Description The issue prevents some transmissions from being encrypted via SSL in certain circumstances, allowing remote attackers to more easily read potentially sensitive network traffic. This occurs due to improper setting of the Quality of Service.

Recommendations For versions prior to 8.1 Service Pack 4, update to 8.1 Service Pack 4 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-2461

Affected Products

Bea Weblogic Server

PT-2006-3409 · Bea · Bea Weblogic Server

CVE-2006-2461

Related Identifiers

Affected Products

References · 7