Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-tj46-drf4-q7hy
Vulnerability ID VCID-tj46-drf4-q7hy
Aliases CVE-2022-4070
GHSA-x93j-3hh3-6x23
Summary Insufficient Session Expiration in GitHub repository librenms/librenms prior to 22.10.0.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-613 Insufficient Session Expiration
System Score Found at
epss 3e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-4070
cvssv3.1_qr CRITICAL https://github.com/advisories/GHSA-x93j-3hh3-6x23
cvssv3 2.7 https://github.com/librenms/librenms/commit/ce8e5f3d056829bfa7a845f9dc2757e21e419ddc
cvssv3.1 9.8 https://github.com/librenms/librenms/commit/ce8e5f3d056829bfa7a845f9dc2757e21e419ddc
generic_textual CRITICAL https://github.com/librenms/librenms/commit/ce8e5f3d056829bfa7a845f9dc2757e21e419ddc
ssvc Track https://github.com/librenms/librenms/commit/ce8e5f3d056829bfa7a845f9dc2757e21e419ddc
cvssv3 2.7 https://huntr.dev/bounties/72d426bb-b56e-4534-88ba-0d11381b0775
cvssv3.1 9.8 https://huntr.dev/bounties/72d426bb-b56e-4534-88ba-0d11381b0775
generic_textual CRITICAL https://huntr.dev/bounties/72d426bb-b56e-4534-88ba-0d11381b0775
ssvc Track https://huntr.dev/bounties/72d426bb-b56e-4534-88ba-0d11381b0775
cvssv3.1 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-4070
generic_textual CRITICAL https://nvd.nist.gov/vuln/detail/CVE-2022-4070
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-4070
72d426bb-b56e-4534-88ba-0d11381b0775 https://huntr.dev/bounties/72d426bb-b56e-4534-88ba-0d11381b0775
ce8e5f3d056829bfa7a845f9dc2757e21e419ddc https://github.com/librenms/librenms/commit/ce8e5f3d056829bfa7a845f9dc2757e21e419ddc
CVE-2022-4070 https://nvd.nist.gov/vuln/detail/CVE-2022-4070
GHSA-x93j-3hh3-6x23 https://github.com/advisories/GHSA-x93j-3hh3-6x23
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/librenms/librenms/commit/ce8e5f3d056829bfa7a845f9dc2757e21e419ddc
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/librenms/librenms/commit/ce8e5f3d056829bfa7a845f9dc2757e21e419ddc
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T18:14:00Z/ Found at https://github.com/librenms/librenms/commit/ce8e5f3d056829bfa7a845f9dc2757e21e419ddc
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Found at https://huntr.dev/bounties/72d426bb-b56e-4534-88ba-0d11381b0775
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://huntr.dev/bounties/72d426bb-b56e-4534-88ba-0d11381b0775
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T18:14:00Z/ Found at https://huntr.dev/bounties/72d426bb-b56e-4534-88ba-0d11381b0775
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-4070
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.00139
EPSS Score 3e-05
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T17:39:07.342751+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2022/4xxx/CVE-2022-4070.json 38.6.0