Erik

**Name of the Vulnerable Software and Affected Versions** IBM WebSphere DataPower XML Security Gateway XS40 version 3.6.1.5 **Description** The issue allows remote attackers to cause a denial of service, resulting in a device reboot, by sending specific data over an established SSL connection. An example of such data is the `abcr r ` string. **Recommendations** For IBM WebSphere DataPower XML Security Gateway XS40 version 3.6.1.5, consider restricting or validating the data sent over established SSL connections to prevent the denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.