Integrations for Central Vulnerability Database

  • Release version: Australia
  • Updated March 28, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Integrations for Central Vulnerability Database

    The Central Vulnerability Database (CVD) in ServiceNow integrates with global vulnerability data sources—specifically the National Vulnerability Database (NVD), European Union Vulnerability Database (EUVD), and Japanese Vulnerability Notes (JVN). This consolidation enriches and normalizes vulnerability records to enable more accurate impact assessments, risk scoring, and remediation planning within the Vulnerability Response application.

    Show full answer Show less

    These integrations collect and import vulnerability data into your ServiceNow instance, making it accessible through the ServiceNow AI Platform® and enhancing your vulnerability management processes.

    Key Features

    • Data Sources: Integrates with EUVD and JVN to supplement vulnerability information alongside NVD data.
    • Data Enrichment: Normalizes CVE-based vulnerabilities and enriches records with external intelligence for better prioritization.
    • Import Process: Uses custom Import Sets and Processor Scripts to parse and transform raw API data into structured vulnerability records.
    • Scheduling: EUVD integration runs on demand (recommended weekly), while JVN integration runs daily once activated.
    • Manual Activation: Both EUVD and JVN integrations must be manually enabled after installation; they are inactive by default.
    • Data Scope: Imports CVE-related vulnerability information but does not ingest Common Platform Enumeration (CPE) or Common Weakness Enumeration (CWE) data, limiting software matching and weakness classification to CVE-based info.
    • Run-As User: Each integration runs using the default configured user (VIF.System); this should not be changed.

    Practical Use and Setup

    For optimal use, run these integrations during the initial Vulnerability Response setup before importing scanner data. This ensures vulnerabilities are normalized, enriched, and prioritized correctly from the start. Verify successful initial imports through the integration records.

    Access the integrations by searching for snvulintfwintegration.LIST in the ServiceNow navigation. Manually activate each integration before use and configure update frequency as needed.

    Key Outcomes

    • Enhanced vulnerability data quality through consolidation of multiple trusted sources.
    • Improved impact assessment and risk scoring accuracy within ServiceNow Vulnerability Response.
    • Streamlined remediation planning with enriched and normalized vulnerability records.
    • Automated synchronization with external vulnerability feeds to keep data current.

    The Central Vulnerability Database supports integration with trusted global vulnerability data sources, including the National Vulnerability Database, European Union Vulnerability Database (EUVD), and Japanese Vulnerability Notes (JVN), to enrich and normalize vulnerability records.

    By consolidating multiple authoritative and commercial intelligence sources, the Central Vulnerability Database enables more accurate impact assessment, improved risk scoring, and more effective remediation planning from the outset.

    The Integrations for Central Vulnerability Database collects data from EUVD and JVN and makes it available to the ServiceNow AI Platform®. It integrates with Vulnerability Response to map CVE vulnerabilities, enriching the data in your instance.

    Run this integration as part of the initial setup of Vulnerability Response, before importing data from third-party scanner products, to verify that vulnerabilities are normalized, enriched with external intelligence, and appropriately prioritized at the time of ingestion.

    Important:
    Each integration record has a configured run-as user. The default value is VIF.System. Don't change this value. In addition, check your entitlements to determine whether you have access to this plugin on production instances.

    After installation, the EUVD and JVN integrations aren't enabled by default. Each integration must be manually activated before it can begin collecting data. The EUVD integration runs on demand, while the JVN integration runs daily after it is marked as active . These scheduled and on-demand runs help keep the instance synchronized with external vulnerability data sources and support the vulnerability remediation life cycle.

    Imported vulnerability data

    In your ServiceNow AI Platform® instance, each vulnerability imported through the EUVD integration is represented as a vulnerability entry sourced from European Union Vulnerability Data and Japan Vulnerability Notes. The integration uses a custom Import Set and Processor Script framework to ingest, parse, and transform raw EUVD and JVN API responses into normalized vulnerability records within ServiceNow.

    Vulnerability entries created or updated in the instance reference EUVD and JVN vulnerability records, where each imported vulnerability is represented by a vulnerability entry in the source libraries of the NVD [sn_vul_nvd_entry] table. The EUVD and JVN integrations don't ingest Common Platform Enumeration (CPE) or Common Weakness Enumeration (CWE) data. As a result, vulnerability records and any associated vulnerable items derived from EUVD and JVN data are limited to CVE-based information and don't support CPE-based software matching or CWE-based weakness classification.

    The EUVD integration imports vulnerability entries and reference information into the sn_vul_nvd_entry, sn_vul_m2m_entry_cve, and sn_vul_reference tables.

    The JVN integration retrieves vulnerability data in XML format, converts it to JSON within the integration layer, and processes the transformed data using a processor script. Vulnerability entries and related data are populated into the sn_vul_nvd_entry, sn_vul_software, sn_vul_m2m_entry_software, sn_vul_m2m_entry_cve, and sn_vul_reference tables. This enables the creation of structured vulnerability records along with relationships to affected software and external references.

    Vulnerability Identifiers (VIs) created or updated in your instance reference EUVD and JVN vulnerability entries. CVSS details are mapped based on the version provided (v2, v3, or v4), ensuring accurate scoring and vector representation for each vulnerability record.

    Initial import of vulnerability data

    To initialize vulnerability data using the EUVD or JVN integrations, perform an initial import and verify successful data ingestion.

    1. Perform an initial import of vulnerability data with the EUVD or JVN integration. You can perform vulnerability updates On Demand for EUVD and Daily for JVN from the integration record by default, and you can configure these as needed.
    2. Verify that the Integrations for Central Vulnerability Database application is installed, and that an initial vulnerability data import from either the ENISA EUVD Integration or the JVN Integration is successful.

    Locating the Integrations for Central Vulnerability Database

    To view the Integrations for Central Vulnerability Database, type sn_vul_int_fw_integration.LIST in the Navigation Search bar and press Enter .

    Note:
    Neither the EUVD nor the JVN integration is active by default. You must mark each integration as active before it can be run.

    The following integrations are included in the base system:

    Integration Description
    EUVD Integration Retrieves vulnerability data from European Union Vulnerability Data (EUVD). This integration is inactive by default and does not support delta processing, so run it once per week.
    JVN Integration Retrieves vulnerability data from Japanese Vulnerability Notes (JVN). This integration is set to run daily and is inactive by default.