CVE-2006-2461

{"id": "CVE-2006-2461", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-05-19T10:02:00.000", "references": [{"url": "http://dev2dev.bea.com/pub/advisory/194", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/20130", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1016102", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/1828", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26459", "source": "cve@mitre.org"}, {"url": "http://dev2dev.bea.com/pub/advisory/194", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/20130", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1016102", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/1828", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26459", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "BEA WebLogic Server before 8.1 Service Pack 4 does not properly set the Quality of Service in certain circumstances, which prevents some transmissions from being encrypted via SSL, and allows remote attackers to more easily read potentially sensitive network traffic."}], "lastModified": "2024-11-21T00:11:21.780", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E08D4CEA-9ACC-4869-BC87-3524A059914F"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F5B2A06-CE19-4A57-9566-09FC1E259CDB"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D18E22CC-A0FC-4BC7-AD39-2645F57486C1"}, {"criteria": "cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9429D939-FCC4-4BA7-90C4-BBEECE7309D0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}