Hi All,

We have Tenable.sc integrated with ServiceNow using the ServiceNow integration application. I'm having trouble when the reference data in Tenable is updated but those updates are not received by ServiceNow. 

I'll illustrate with an example:

By viewing Tenable I can see that Tenable plugin 156057 was first published on 12 Dec 2021 and the Changelog shows it was updated on 1st May 2023 as follows:

• CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C")
• Exploit attributes ("Exploit available" set to "True". "Exploit available" set to "True". "Exploit available" set to "True". "Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available")

In ServiceNow I have TEN-156057, first created on 25 Sept 2022 (that tallies with our go live date), but the fields listed in the changelog have different values, ones that would be appropriate if the vulnerability had not been exploited.

My deduction is that updates to this reference data is either not being fed through from Tenable or not being picked up by ServiceNow.

Can anyone help me understand how to fix please?