IBM Security Bulletin: SSL/TLS side channel timing vulnerability on WebSphere DataPower (CVE-2014-0852)
DataPower appliances might be subject to side channel timing based attacks.
Products: WebSphere DataPower SOA Appliances.
Versions: All versions through 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11. Note that versions 18.104.22.168 and higher are not affected by this vulnerability.
Hardware models: All platforms - 9004, 9005 and HS22 Blade. (9004 MTM - 9235-xxx; 9005 MTM - 7198 (1U) and 7199 (2U); HS22 - Integration Blade XI50B Type 4195)
Note that DataPower Virtual edition is not affected.