Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Consistently failing NIST NVD Unmapped CPE integration.

GudiyaYadav
Tera Contributor

‎12-24-2024 04:19 AM

Hello Community,

 

I am trying to run the NIST National Vulnerability Database Integration - API (Unmapped CPE) but it is failing with the error message 'Attempting retry with process VINTPRC00******. Error: Invalid response code received from NVD: 403. Encountered process error running the integration'. Any idea how to troubleshoot this issue?

 

Thank You!

0 Helpfuls
  • 1,509 Views
1 REPLY 1

andy_ojha
ServiceNow Employee
ServiceNow Employee

‎12-24-2024 10:18 AM

Hey there,

A few things to check on:

 

1) What version of the Store App for VR Integration w/ NVD are you using?

 -  Is it newer than v1.4.2?

 

2) Ensure we are using a valid NIST API key for the integration(s) here 
 - https://www.servicenow.com/community/secops-vr-forum-read-only/nist-nvd-unmapped-cpe-integration-inv...
 - If you are not employing an API Key from. NIST, you should obtain one and re-test ... 


3) If we have multiple NOW Instance(s) running the NIST integrations at the same time, AND using the same API key - we should stagger the scheduling of these jobs to not overlap

4) We have seen situations where the data from NIST NVD for CPEs - has grown recently and integration we have with VR may need some tuning, specifcally around the page size to handle this 
  - This helps reduce the file sizes down below 100MB for ServiceNow to process, in a 60 min window 
  - If file sizes are beyond 100MB the integration processing will error out 
  - If the files being processed take more than an hour, the integration processing will error out 

  - As of now, 150 seems to be the sweet spot for the Unmapped CPE page sizing (baseline it is 500)
    -> 'page_size_for_unmapped_cpe'

 

andy_ojha_0-1735064249813.png

 

 

 

0 Helpfuls