There is a denial of service in the Apache CXF library used by
WebSphere Application Server.This has been addressed.
Just published by IBM: Read more https://www.ibm.com/support/pages/node/1288774?myns=swgws&mynp=OCSSEQTP&mync=R&cm_sp=swgws-_-OCSSEQTP-_-R