Thanks for the info.  We just rolled out VR15, and we're just starting to get our teams using the tool, so I'm not sure if this had persisted.  

Can you confirm that with VR15, the VUL should close regardless of state?

Do you have any leads as to what we might need to clean up? 

Steve,

Here is how I went about Cleaning stale items

1. Try this URL in your instance "<Instance Name>/sn_vul_vulnerability_list.do?sysparm_query=state!%3D3%5Erisk_rating%3D5%5Eactive_nd_vis%3D0%5EORactive_nd_vis%3DNULL&sysparm_view="

This will give you a list of Remediation tasks that have all VITs closed with one or more stale VITs in them

2. Next, I created a fix script to close these remediation tasks. You may choose to do it manually but our volume was huge. I have ran this script on my production instance so I am fairly confident. However, with any script usage in SNow, pls use caution and proceed only if you completely understand what is going  on here. THis script just goes thru all remediation tasks on our list to close them as either fixed with Exceptions or Cancelled based on how many stale VITs are part of a VUL group.

var vul = new GlideRecord('sn_vul_vulnerability');
vul.addQuery('state!=3^risk_rating=5^active_nd_vis=0^ORactive_nd_vis=NULL');
vul.query();
while (vul.next()) {
var vit_all_stale = true;
var vul_m2m = new GlideRecord('sn_vul_m2m_vul_group_item');
vul_m2m.addQuery('sn_vul_vulnerability', vul.sys_id);
vul_m2m.query();
while (vul_m2m.next()) {
var vit = new GlideRecord('sn_vul_vulnerable_item');
vit.addQuery('sys_id', vul_m2m.sn_vul_vulnerable_item);
vit.query();
while (vit.next()) {
if (vit.substate != 6) {
vit_all_stale = false;
break;
}
}
}
if (vit_all_stale == true) {
vul.state = 3;
vul.substate = 5; //Cancelled
vul.close_notes = 'ASR Closure-All VITs remediated (stale rule)';
} else {
vul.state = 3;
vul.substate = 16; //Fixed with Exceptions
vul.close_notes = 'ASR Closure-All VITs remediated (stale rule)';
}
//vul.setWorkflow(false);
vul.autoSysFields(false);
vul.update();
}