Create a Vulnerability Response severity map

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Vulnerability Response severity mapping transforms third-party source severity fields to recognizable fields in Vulnerability Response.

    Before you begin

    Role required: sn_vul.vulnerability_admin or sn_vul.admin (deprecated)

    About this task

    Vulnerability Response ships with National Vulnerability Database (NVD) to normalized ServiceNow severity mapping. ServiceNow third-party integrations such as the Qualys Vulnerability Integration provide severity mappings upon installation. These maps can be adjusted by changing the fields in existing maps.

    Creating or editing a severity map is intended only for customized or non-standard third-party mappings in your environment.

    Procedure

    1. Navigate to All > Vulnerability Response > Administration > Normalized Severity Mapping.
    2. Click New.
    3. Fill in the fields on the form, as appropriate.
      Table 1. Field mapping
      Field Description
      Source The name of the source for the severity mapping.
      Source value The source severity value.
      Target value The target severity value. Choices are:
      • 1- Critical
      • 2 - High
      • 3 - Medium
      • 4 - Low
      • 5 - None
      Integration type Integration type choices are:
      • Vulnerability Response
      • Application Vulnerability Response
      • National Vulnerability Response
      • Container Vulnerability Response
    4. Repeat Step 3 for each source severity level.
    5. Select Save.