IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors.Referenceshttp://www.ibm.com/support/docview.wss?uid=swg21653546https://exchange.xforce.ibmcloud.com/vulnerabilities/87560http://www-01.ibm.com/support/docview.wss?uid=swg1IC93164http://www-01.ibm.com/support/docview.wss?uid=swg1IC96617
