Command Line Captured Contains Clear Text Password or Environmental Variable
Article ID: 400269
Products
Carbon Black EDR
Issue/Introduction
On the process analysis page, the captured command line contains a password in plain text, or an environment variable such as %hostname% appears as the variable itself.
Environment
Carbon Black EDR: All Versions
Cause
Unfiltered capturing of the executed command line.
Resolution
The EDR Sensor will capture the command line as it is executed and reported by the OS.
If a user is entering a password in the command line in plain text, the sensor will capture this data. The data is not filtered.
For environment variables, the result depends on how the OS reports the command line at execution. The same behavior can be confirmed by capturing a Procmon (Process Monitor) trace while the command executes and viewing the command line recorded for the process.
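
Because the captured data is not filtered, command lines copied from the process analysis page can be reviewed for exposed secrets before they are shared. The following is an added example, not part of the original article or of Carbon Black EDR: a Python heuristic, run over constructed sample command lines, that redacts password-style arguments and lists %NAME% tokens that were reported unexpanded. The patterns and the review_cmdline name are assumptions for illustration and are not exhaustive.

```python
import re

# Assumed, non-exhaustive patterns for secrets typed on a command line.
SECRET_PATTERNS = [
    # --password=VALUE, --password VALUE, -pwd VALUE, /password:VALUE
    re.compile(r'(?i)(?<!\S)((?:--?|/)(?:password|passwd|pwd|pass)'
               r'(?:[=:]|\s+))("[^"]*"|\S+)'),
    # net use [DRIVE] \\server\share VALUE /user:NAME
    re.compile(r'(?i)(\bnet(?:\.exe)?\s+use\s+(?:\S+\s+)?\S+\s+)'
               r'(?!/)("[^"]*"|\S+)(?=\s+/user:)'),
]

# %NAME% tokens that were reported without being expanded.
ENV_TOKEN = re.compile(r'%[A-Za-z_][A-Za-z0-9_()]*%')


def review_cmdline(cmdline):
    """Return (redacted_cmdline, has_secret, unexpanded_env_tokens)."""
    redacted = cmdline
    has_secret = False
    for pattern in SECRET_PATTERNS:
        # Keep the switch or prefix (group 1), replace only the value.
        redacted, hits = pattern.subn(
            lambda m: m.group(1) + "<REDACTED>", redacted)
        has_secret = has_secret or hits > 0
    return redacted, has_secret, ENV_TOKEN.findall(cmdline)


# Constructed sample command lines (not taken from a real sensor).
SAMPLES = [
    r"mytool.exe --user svc_backup --password Summer2024!",
    r"net use Z: \\fs01\share P@ssw0rd /user:CORP\svc",
    r"cmd.exe /c echo %hostname%",
    r"ping.exe fs01",
]

if __name__ == "__main__":
    for line in SAMPLES:
        redacted, has_secret, env_tokens = review_cmdline(line)
        flags = []
        if has_secret:
            flags.append("CLEARTEXT-SECRET")
        if env_tokens:
            flags.append("UNEXPANDED:" + ",".join(env_tokens))
        print("%-40s %s" % (" ".join(flags) or "ok", redacted))
```

A match means the account's password should be treated as exposed to anyone who can view the process data and rotated accordingly.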