Anyone else have their NIST/NVD CVE Only version of the integration fail for the last 48 hours?

Community Alums
Not applicable

Hi all,

I have more than one instance where it failed with a "bad json" message. I'm pretty sure nothing changed on our side.

Colleen

1 ACCEPTED SOLUTION

andy_ojha
ServiceNow Employee
ServiceNow Employee

Hey there,

NIST deprecated their 1.0 API ~last week.

The latest NOW Store App for VR and NVD has the plumbing to use the new 2.0 API for NIST NVD.

Seeing successful API calls the past few days, with the 2.0 NIST NVD API and a valid API key.

Any chance you might be on the older Store App for NIST NVD that employs the v1 API?  

Reference:

https://www.servicenow.com/community/secops-articles/essential-upgrade-december-nist-nvd-api-1-0-dep...

View solution in original post

3 REPLIES 3

andy_ojha
ServiceNow Employee
ServiceNow Employee

Hey there,

NIST deprecated their 1.0 API ~last week.

The latest NOW Store App for VR and NVD has the plumbing to use the new 2.0 API for NIST NVD.

Seeing successful API calls the past few days, with the 2.0 NIST NVD API and a valid API key.

Any chance you might be on the older Store App for NIST NVD that employs the v1 API?  

Reference:

https://www.servicenow.com/community/secops-articles/essential-upgrade-december-nist-nvd-api-1-0-dep...

Community Alums
Not applicable

Yep, that was it. We are running the correct store app but we were 1 version back from 1.4.2.

Thanks!

Martin Dewit
Kilo Sage

Agree with Andy here;

 

Colleen,

 

Are you using NVD API v1 or v2? Effective 12/15 v1 has been retired, https://nvd.nist.gov/general/news/api-20-announcements. There is a new NVD Store app with updated API version.