Vulnerability Response Integration with NVD release notes

Watch

Save as PDF

Share this page

Feedback

ServiceNow Store release notes

HomeStore Release NotesServiceNow Store release notesServiceNow Store - Security Operations release notesServiceNow Store - Vulnerability Response release notesVulnerability Response Integration with NVD release notes

Table of Contents

Vulnerability Response Integration with NVD release notes

Watch

Save as PDF

Share this page

Feedback

UpdatedMay 1, 2025
2 minutes to read

Version history for the Vulnerability Response Integration with NVD on the ServiceNow Store.

Important: For details on system requirements and family compatibility, view the application listing on the ServiceNow Store website.

Version history

Version 1.6.1 - May 2025

Changed: The 'Source' column in the reference table and the CPE field should be populated with 'NVD'. If any changes occur, only the CPE and references marked with the source 'NVD' should be deleted.

Version 1.5.3 - December 2024

Minor fixes for this release.

Version 1.5.1 - November 2024

New: The National Vulnerability Database (NVD) now includes entries for the Common Vulnerability Scoring System (CVSS) score 4.0 values.

Version 1.4.5 - May 2024

Fixed: The NVD integration has been fixed to utilize the secondary CVSS score when primary CVSS score is unavailable.

Version 1.4.3 - February 2024

Changed: CVSS3.0 will be considered for processing if CVSS3.1 is not present in the NVD response.

Version 1.4.2 - November 2023

Fixed: Updated unmapped integration to use the cpesearch Rest Endpoint API so that the number of API calls are reduced to NVD for associating software with NVD entry if the NVD entry exists.

Version 1.3.3 - August 2023 (Vancouver)

New:
- Created the following integrations to use NVD API 2.0 version.
- NIST National Vulnerability Database Integration - API (CPE only). This integration fetches CPEs.
- NIST National Vulnerability Database Integration - API (Unmapped CPE). This integration maps CPEs with the CVEs.
Changed: Deprecated existing integration i.e NIST National Vulnerability Database Integration - API (CVE and CPE).

Version 1.2.0 - May 2022

New: Added support for using API keys for calling NVD endpoints.

Version 1.1.0 - October 2021

Changed:
- Modifications to support changes to the CPE APIs done by NIST. These changes restrict CPE APIs by limiting date ranges to 120 days.
- When you enter a start or end date for the optional parameters, you need to provide both the start and end dates.

Version 1.0.3 - June 2021

Fixed: The "source" attribute is populated in the Third-party entry table for NVD records. Vulnerable Software records from NVD are available as expected.

Version 1.0.0 - February 2021

New:
- Initial release.
- Two NVD integrations that import the CVEs and CPEs information from the NIST National Vulnerability Database (NVD).

Store Release Notes

Filters

Versions

Products