VR: How to Filter Vulnerabilities by CVE Pattern (e.g., CVE-2024-*)

JohnPacker
Kilo Contributor

‎03-26-2025 06:34 AM

Hi everyone,

We are currently evaluating ServiceNow Vulnerability Response (CR) and have integrated it with Qualys, which has imported around 1,000 IT vulnerabilities into our instance.

I would like to filter all vulnerabilities based on a CVE pattern, for example, CVE-2024-*, to see only vulnerabilities related to this year. We do not want to filter by only one or two specific known CVEs (like CVE-2024-12345) but instead for something more complex like: Show me all Vulnerability Items that include CVEs like 'CVE-2024-' or 'CVE-2021-1*'

My Questions:

  1. Is there a built-in way in ServiceNow VR to filter vulnerabilities by a CVE pattern like "CVE-2024-*"?

  2. Can this be done using list filters, or do I need a scripted query?

  3. Are there best practices or workarounds for searching for multiple CVEs at once?

Any help or guidance would be greatly appreciated!

Thanks in advance. 😊

0 Helpfuls
  • 630 Views
1 REPLY 1

Shivam Sarawagi
ServiceNow Employee
ServiceNow Employee

‎04-01-2025 11:40 AM

You can use this query as shown in the screenshot, but this would be one CVE search at a time. You can also consider having another column similar to this, and in that, instead of having a reference to CVE, you can have CVE ID itself to make it more searchable like the one you mentioned. You can check the BR "Populate CVEs on third-party entry" for reference.

 

Screenshot 2025-04-02 at 12.06.55 AM.png

0 Helpfuls