The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors.
https://exchange.xforce.ibmcloud.com/vulnerabilities/87910
http://www.ibm.com/support/docview.wss?uid=swg21653546