H3-2022-0044
Shell History File Exposure
Category | SECURITY_MISCONFIGURATION |
Base Score | 7.5 |
Description
Most interactive commandline programs (i.e. bash, python, less, etc.) save their command history in a file. This is done to give the user the opportunity to navigate through previous commands even if the program terminated in between.
Impact
Attackers may search the bash command history on compromised systems for insecurely stored credentials.