Skip to main content

Checkmarx One Vulnerability Integration Modifications and Activities

Set Checkmarx One Vulnerability Integration import times.

For your convenience, you can reset the start time for the Checkmarx One Vulnerability Integrations.

Role required: App-Sec Manager Group

After the initial import, the Checkmarx One vulnerability Integrations perform a full import each time they run. For more information on performing imports, see Integrating Checkmarx One Vulnerability Integration.

  1. Navigate to All.

  2. Select  Checkmarx One Vulnerability Integration.

  3. Click Integrations.

  4. Select an Integration.

  5. Set the Start time.

    Time is calculated as Hours in local time. The default time for the Checkmarx One Application List Integration imports is 00:00:00. The other integrations are On Demand and chained to run after the Checkmarx One Application List Integration. Changing the Start time for either of these requires advanced ServiceNow and Application Vulnerability Management expertise.

  6. Click Update

    The new time is used for the next scheduled import.

Troubleshooting: Reverting Customized Scripts

If a script has been customized and is preventing the integration from running correctly after an update, you must revert it to its store version.

This is a one-time manual step only if you have customized the base scripts.

  1. In the Application Navigator, search for Script Includes and select Script Includes (Under System Definitions).

  2. Search for the modified script (e.g., CheckmarxOneAppListIntegration, CheckmarxOneAppVulItemIntegration, CheckmarxOneScanSummaryIntegration, CheckmarxOneAVITClosureIntegration, CheckmarxOneUtilBase).

  3. Open the script record and scroll down to the Versions table.

  4. Click on the link for the latest version, where the Source is "Store Application".

  5. Click Revert to this version.

Troubleshooting: Handling Script Customizations During Upgrade

If you have customized any Script Includes, you must follow this process when upgrading to a new plugin version.

Important

Customized scripts may prevent the plugin from upgrading successfully. Issues arising from customizations are the responsibility of customers; Checkmarx provides support only for GA (store) versions.

Upgrade Process with Customized Scripts:

  1. Before upgrading , document your customizations, then revert all customized scripts to their store version:

    • In the Application Navigator, search for Script Includes and select Script Includes (Under System Definitions).

    • Search for the modified script (e.g., CheckmarxOneAppListIntegration, CheckmarxOneAppVulItemIntegration, CheckmarxOneScanSummaryIntegration, CheckmarxOneAVITClosureIntegration, CheckmarxOneUtilBase).

    • Open the script record and scroll down to the Versions table.

    • Click on the link for the latest version, where the Source is "Store Application".

    • Click Revert to this version.

  2. Upgrade the plugin via System Applications > Applications.

  3. After upgrading , review the new version's release notes:

    • If your customization was for a bug that is now fixed in the new version, no action is needed.

    • If your customization is still required, reapply it to the updated script.

Troubleshooting: Common Problems and Fixes

This section provides guidance on resolving common issues encountered with the Checkmarx One Vulnerability Integration.

Cross-Scope Privileges Issue

In some cases, the integration may fail due to missing cross-scope privileges between the Checkmarx One Vulnerability Integration application scope and the Vulnerability Response scope.

Symptoms : Integration failures with error messages in system logs indicating access denied or cross-scope permission issues.

Diagnosis : Check your ServiceNow system logs for messages indicating missing cross-scope permissions. The log entries will identify which specific table or operation requires additional privileges.

Resolution Steps :

  1. Change Application Scope : Navigate to your application picker and switch to the Checkmarx One Vulnerability Integration scope.

  2. Navigate to Cross-Scope Access : In the left navigation filter, type Cross-Scope Access and open System Applications → Cross-Scope Access.

  3. Create New Cross-Scope Privilege : Click New to create a new record.

  4. Fill Out the Form :

    • Source Scope : Select Checkmarx One Vulnerability Integration

    • Target Scope : Select Vulnerability Response

    • Target Type : Choose Table

    • Target Name : Enter the table name from the error message (e.g., sn_vul_app_vul_scan_summary )

    • Operation : Select the required operation (e.g., Write , Read , or Create )

    • Status : Set to Allowed

  5. Save : Click Submit (for new records) or Update (for existing records).

In this section: