Unrated severityNVD Advisory· Published May 19, 2006· Updated Jun 16, 2026

CVE-2006-2462

Description

BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service Pack 6, may send sensitive data over non-secure channels when using JTA transactions, which allows remote attackers to read potentially sensitive network traffic.

Affected products

Bea/WebLogic Server11 versions
cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*
- (no CPE)range: 8.1 < Service Pack 4, 7.0 < Service Pack 6

Patches

Vulnerability mechanics

References

dev2dev.bea.com/pub/advisory/195nvdPatchVendor Advisory
secunia.com/advisories/20130nvdPatchVendor Advisory
securitytracker.com/idnvdPatch
www.vupen.com/english/advisories/2006/1828nvd
exchange.xforce.ibmcloud.com/vulnerabilities/26458nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000