An Interim Fix which provides enhancements to session security for IBM WebSphere Commerce V7.0 is now available.
WebSphere Commerce enhances the security in session management by generating the session information (session cookie or URL parameters) with a generated encryption key different from the merchant key provided by the administrator.
This enhancement employs separate keys for session and data encryption to improve the overall security for WebSphere Commerce sites.
Resolving the problem
To obtain this fix, please contact support for Interim Fix JR35136.