Anyone else have their NIST/NVD CVE Only version of the integration fail for the last 48 hours?

Community Alums · ‎12-19-2023

Hi all,

I have more than one instance where it failed with a "bad json" message. I'm pretty sure nothing changed on our side.

Colleen

andy_ojha · ‎12-19-2023

Hey there,

NIST deprecated their 1.0 API ~last week.

The latest NOW Store App for VR and NVD has the plumbing to use the new 2.0 API for NIST NVD.

Seeing successful API calls the past few days, with the 2.0 NIST NVD API and a valid API key.

Any chance you might be on the older Store App for NIST NVD that employs the v1 API?

Reference:

https://www.servicenow.com/community/secops-articles/essential-upgrade-december-nist-nvd-api-1-0-dep...

View solution in original post

andy_ojha · ‎12-19-2023

Hey there,

NIST deprecated their 1.0 API ~last week.

The latest NOW Store App for VR and NVD has the plumbing to use the new 2.0 API for NIST NVD.

Seeing successful API calls the past few days, with the 2.0 NIST NVD API and a valid API key.

Any chance you might be on the older Store App for NIST NVD that employs the v1 API?

Reference:

https://www.servicenow.com/community/secops-articles/essential-upgrade-december-nist-nvd-api-1-0-dep...

Community Alums · ‎12-19-2023

Yep, that was it. We are running the correct store app but we were 1 version back from 1.4.2.

Thanks!

Martin Dewit · ‎12-19-2023

Agree with Andy here;

Colleen,

Are you using NVD API v1 or v2? Effective 12/15 v1 has been retired, https://nvd.nist.gov/general/news/api-20-announcements. There is a new NVD Store app with updated API version.