Preview Tool

Cisco Bug: CSCvu47790 - bash history records curl command containing credentials

Last Modified

Jun 03, 2020

Products (1)

  • Cisco Elastic Services Controller

Known Affected Releases


Description (partial)

It is undesirable to leak passwords from interactive shell use into history.   Bash history records commands for future retrieval. 
Configuration file /etc/profile.d/ aims to suppress recording of command containing passwords.       Patterns to ignore are added to HISTIGNORE

Execution of curl command containing pattern 'curl -u user:password' is recorded into bash history.

Command matching pattern 'curl -u user:password' will be recorded into bash history.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.