Unrated severityNVD Advisory· Published May 19, 2006· Updated Jun 16, 2026

CVE-2006-2461

Description

BEA WebLogic Server before 8.1 Service Pack 4 does not properly set the Quality of Service in certain circumstances, which prevents some transmissions from being encrypted via SSL, and allows remote attackers to more easily read potentially sensitive network traffic.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Bea/WebLogic Server5 versions
cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*
- (no CPE)range: <8.1 Service Pack 4

Patches

Vulnerability mechanics

References

dev2dev.bea.com/pub/advisory/194nvdPatchVendor Advisory
secunia.com/advisories/20130nvdPatchVendor Advisory
securitytracker.com/idnvdPatch
www.vupen.com/english/advisories/2006/1828nvd
exchange.xforce.ibmcloud.com/vulnerabilities/26459nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000