Verify that the scheduled job for updating CWE records is running

  • Release version: Zurich
  • Updated July 31, 2025
  • 1 minute to read

    • Use Common Weakness Enumeration (CWE) records downloaded from the CWE database for reference when deciding whether a vulnerability must be escalated. Update common weakness records from the Common Weakness Enumeration database on a regularly scheduled basis. You can also update the default script or write your own scripts, as needed.

    Before you begin

    Role required: App-Sec Manager group

    Each CWE record also includes an associated knowledge article that describes the weakness.

    Procedure

    1. Navigate to All > Application Vulnerability Response > Administration > Integrations.
    2. Select the CWE Comprehensive 2000 Integration scheduled job.
    3. Verify that the Active check box is selected.
      Note:
      The settings in this form are shared by Vulnerability Response and Application Vulnerability Response. Modifying the integration settings requires coordination with and expertise in Vulnerability Response and ServiceNow.
    4. If the box is selected, you are done.
      Note:
      If the box is not selected, this integration may need to be configured within Vulnerability Response. See Importing data with the NVD and CWE integrations and managing third-party libraries for more information before selecting it.
      As needed, see View vulnerability libraries to see the imported entries.

      The Primary CWE field contains the CWE entry. If there is more than one CWE is associated with a vulnerability, see Application Vulnerability fields for information on how the primary CWE is determined.