Description
Sensitive Information Leak in cqlsh in Apache Cassandra 4.0 allows access to sensitive information, like passwords, from previously executed cqlsh command via  ~/.cassandra/cqlsh_history local file access.

Users are recommended to upgrade to version 4.0.20, which fixes this issue.

--
Description: Cassandra's command-line tool, cqlsh, provides a command history feature that allows users to recall previously executed commands using the up/down arrow keys. These history records are saved in the ~/.cassandra/cqlsh_history file in the user's home directory.

However, cqlsh does not redact sensitive information when saving command history. This means that if a user executes operations involving passwords (such as logging in or creating users) within cqlsh, these passwords are permanently stored in cleartext in the history file on the disk.
Published: 2026-04-07
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Sensitive Information Disclosure
Action: Patch Now
AI Analysis

Impact

Cassandra’s command‑line shell, cqlsh, records every command it executes in the user’s home directory without sanitising sensitive data. Operations that include passwords, such as login or user creation commands, are written to the ~/.cassandra/cqlsh_history file in cleartext. Consequently, any information entered in those commands becomes permanently accessible to anyone who can read the history file.

Affected Systems

The affected vendor is the Apache Software Foundation and the product is Apache Cassandra. The vulnerability exists in all 4.0 releases shipped before the 4.0.20 update, which removes the problematic history behaviour. No specific sub‑version is listed; any unpatched 4.0 build should be considered vulnerable.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity, while the EPSS score of less than 1% suggests that large‑scale exploitation is unlikely. The vulnerability is not present in the CISA KEV catalog. Based on the description, it is inferred that the attack requires local read access to the ~/.cassandra/cqlsh_history file in a user’s home directory. Once read, the stored passwords can be used to compromise the database or broader network resources.

Generated by OpenCVE AI on April 9, 2026 at 16:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Apache Cassandra to version 4.0.20 or later
  • Restrict permissions on the ~/.cassandra/cqlsh_history file so that only the owning user can read it
  • Delete or clear the existing history file and reset its ownership and permissions
  • Avoid embedding passwords directly in cqlsh commands; use secure parameter files or environment variables instead

Generated by OpenCVE AI on April 9, 2026 at 16:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-fh34-c629-p8xj Apache Cassandra has sensitive Information Leak in cqlsh
History

Wed, 15 Apr 2026 16:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:apache:cassandra:*:*:*:*:*:*:*:*

Thu, 09 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 08 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Apache
Apache cassandra
Vendors & Products Apache
Apache cassandra

Tue, 07 Apr 2026 20:45:00 +0000

Type Values Removed Values Added
References

Tue, 07 Apr 2026 18:00:00 +0000

Type Values Removed Values Added
Description Sensitive Information Leak in cqlsh in Apache Cassandra 4.0 allows access to sensitive information, like passwords, from previously executed cqlsh command via  ~/.cassandra/cqlsh_history local file access. Users are recommended to upgrade to version 4.0.20, which fixes this issue. -- Description: Cassandra's command-line tool, cqlsh, provides a command history feature that allows users to recall previously executed commands using the up/down arrow keys. These history records are saved in the ~/.cassandra/cqlsh_history file in the user's home directory. However, cqlsh does not redact sensitive information when saving command history. This means that if a user executes operations involving passwords (such as logging in or creating users) within cqlsh, these passwords are permanently stored in cleartext in the history file on the disk.
Title Apache Cassandra: cqlsh history sensitive information leak
Weaknesses CWE-532
References

Subscriptions

Apache Cassandra
cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2026-04-09T14:38:23.271Z

Reserved: 2026-02-19T05:21:19.755Z

Link: CVE-2026-27315

cve-icon Vulnrichment

Updated: 2026-04-07T17:25:59.994Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-07T17:16:27.827

Modified: 2026-04-15T15:47:57.567

Link: CVE-2026-27315

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-10T09:41:27Z

Weaknesses