Integrations for Central Vulnerability Database

  • Release version: Zurich
  • Updated March 28, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Integrations for Central Vulnerability Database

    The Central Vulnerability Database integrates with trusted global sources such as the National Vulnerability Database (NVD), European Union Vulnerability Database (EUVD), and Japanese Vulnerability Notes (JVN) to enrich and normalize vulnerability records within ServiceNow. This consolidation enables more accurate impact assessment, improved risk scoring, and effective remediation planning through enriched and prioritized vulnerability data.

    Show full answer Show less

    The EUVD and JVN integrations collect vulnerability data and make it available in the ServiceNow AI Platform®, integrating with Vulnerability Response to map CVE vulnerabilities and enhance data quality in your instance.

    Key Features

    • Integration Sources: EUVD and JVN provide authoritative vulnerability data which is ingested, parsed, and normalized into ServiceNow.
    • Data Processing: Uses custom Import Sets and Processor Scripts to transform raw API responses into structured vulnerability records.
    • Data Scope: Focuses on CVE-based information; does not ingest Common Platform Enumeration (CPE) or Common Weakness Enumeration (CWE) data, so software matching and weakness classification are limited.
    • Vulnerability Records: Data populates tables such as snvulnvdentry, snvulm2mentrycve, snvulreference, and others to organize vulnerabilities, affected software, and references.
    • CVSS Scoring: CVSS details (versions 2, 3, or 4) are accurately mapped to ensure proper vulnerability scoring and vector representation.
    • Run Schedule: EUVD integration runs on demand (recommended weekly), while JVN runs daily once activated.
    • Activation Required: Both integrations are not enabled by default and must be manually activated before use.
    • Run-As User: Each integration runs under the default VIF.System user, which should not be changed.

    Practical Steps for ServiceNow Customers

    • Verify that the Integrations for Central Vulnerability Database application is installed in your instance.
    • Manually activate either the EUVD or JVN integration before running them.
    • Perform an initial import to ingest vulnerability data from EUVD or JVN; verify successful data ingestion before importing data from third-party scanners.
    • Schedule or run the integrations as needed—EUVD on demand (weekly recommended), JVN daily—to keep your vulnerability data current and enriched.
    • Access integrations via the navigation by entering snvulintfwintegration.LIST to manage and monitor integration status and runs.
    • Ensure you have the proper entitlements to use these integrations on production environments.

    Benefits for Your Organization

    By leveraging these integrations, your ServiceNow instance gains enriched and normalized vulnerability records sourced from authoritative global databases. This enhances the accuracy of vulnerability impact assessments and risk scoring, enabling your security and IT teams to prioritize and remediate vulnerabilities more effectively from the initial ingestion point. The ongoing synchronization with EUVD and JVN helps maintain up-to-date vulnerability intelligence to support the vulnerability remediation lifecycle.

    The Central Vulnerability Database supports integration with trusted global vulnerability data sources, including the National Vulnerability Database, European Union Vulnerability Database (EUVD), and Japanese Vulnerability Notes (JVN), to enrich and normalize vulnerability records.

    By consolidating multiple authoritative and commercial intelligence sources, the Central Vulnerability Database enables more accurate impact assessment, improved risk scoring, and more effective remediation planning from the outset.

    The Integrations for Central Vulnerability Database collects data from EUVD and JVN and makes it available to the ServiceNow AI Platform®. It integrates with Vulnerability Response to map CVE vulnerabilities, enriching the data in your instance.

    Run this integration as part of the initial setup of Vulnerability Response, before importing data from third-party scanner products, to verify that vulnerabilities are normalized, enriched with external intelligence, and appropriately prioritized at the time of ingestion.

    Important:
    Each integration record has a configured run-as user. The default value is VIF.System. Don't change this value. In addition, check your entitlements to determine whether you have access to this plugin on production instances.

    After installation, the EUVD and JVN integrations aren't enabled by default. Each integration must be manually activated before it can begin collecting data. The EUVD integration runs on demand, while the JVN integration runs daily after it is marked as active . These scheduled and on-demand runs help keep the instance synchronized with external vulnerability data sources and support the vulnerability remediation life cycle.

    Imported vulnerability data

    In your ServiceNow AI Platform® instance, each vulnerability imported through the EUVD integration is represented as a vulnerability entry sourced from European Union Vulnerability Data and Japan Vulnerability Notes. The integration uses a custom Import Set and Processor Script framework to ingest, parse, and transform raw EUVD and JVN API responses into normalized vulnerability records within ServiceNow.

    Vulnerability entries created or updated in the instance reference EUVD and JVN vulnerability records, where each imported vulnerability is represented by a vulnerability entry in the source libraries of the NVD [sn_vul_nvd_entry] table. The EUVD and JVN integrations don't ingest Common Platform Enumeration (CPE) or Common Weakness Enumeration (CWE) data. As a result, vulnerability records and any associated vulnerable items derived from EUVD and JVN data are limited to CVE-based information and don't support CPE-based software matching or CWE-based weakness classification.

    The EUVD integration imports vulnerability entries and reference information into the sn_vul_nvd_entry, sn_vul_m2m_entry_cve, and sn_vul_reference tables.

    The JVN integration retrieves vulnerability data in XML format, converts it to JSON within the integration layer, and processes the transformed data using a processor script. Vulnerability entries and related data are populated into the sn_vul_nvd_entry, sn_vul_software, sn_vul_m2m_entry_software, sn_vul_m2m_entry_cve, and sn_vul_reference tables. This enables the creation of structured vulnerability records along with relationships to affected software and external references.

    Vulnerability Identifiers (VIs) created or updated in your instance reference EUVD and JVN vulnerability entries. CVSS details are mapped based on the version provided (v2, v3, or v4), ensuring accurate scoring and vector representation for each vulnerability record.

    Initial import of vulnerability data

    To initialize vulnerability data using the EUVD or JVN integrations, perform an initial import and verify successful data ingestion.

    1. Perform an initial import of vulnerability data with the EUVD or JVN integration. You can perform vulnerability updates On Demand for EUVD and Daily for JVN from the integration record by default, and you can configure these as needed.
    2. Verify that the Integrations for Central Vulnerability Database application is installed, and that an initial vulnerability data import from either the ENISA EUVD Integration or the JVN Integration is successful.

    Locating the Integrations for Central Vulnerability Database

    To view the Integrations for Central Vulnerability Database, type sn_vul_int_fw_integration.LIST in the Navigation Search bar and press Enter .

    Note:
    Neither the EUVD nor the JVN integration is active by default. You must mark each integration as active before it can be run.

    The following integrations are included in the base system:

    Integration Description
    EUVD Integration Retrieves vulnerability data from European Union Vulnerability Data (EUVD). This integration is inactive by default and does not support delta processing, so run it once per week.
    JVN Integration Retrieves vulnerability data from Japanese Vulnerability Notes (JVN). This integration is set to run daily and is inactive by default.