CIs blank on Vulnerability ItemDescription<!-- div.margin{ padding: 10px 40px 40px 30px; } table.tocTable{ border: 1px solid; border-color:#E0E0E0; background-color: rgb(245, 245, 245); padding-top: .6em; padding-bottom: .6em; padding-left: .9em; padding-right: .6em; } table.noteTable{ border:1px solid; border-color:#E0E0E0; background-color: rgb(245, 245, 245); width: 100%; border-spacing:2; } table.internaltable { white-space:nowrap; text-align:left; border-width: 1px; border-collapse: collapse; font-size:14px; width: 85%; } table.internaltable th { border-width: 1px; padding: 5px; border-style: solid; border-color: rgb(245, 245, 245); background-color: rgb(245, 245, 245); } table.internaltable td { border-width: 1px; padding: 5px; border-style: solid; border-color: #E0E0E0; color: #000000; } .title { color: #D1232B; font-weight:normal; font-size:28px; } h1{ color: #D1232B; font-weight:normal; font-size:21px; margin-bottom:-5px } h2{ color: #646464; font-weight:bold; font-size:18px; } h3{ color: #000000; font-weight:BOLD; font-size:16px; text-decoration:underline; } h4{ color: #646464; font-weight:BOLD; font-size:15px; text-decoration:; } h5{ color: #000000; font-weight:BOLD; font-size:13px; text-decoration:; } h6{ color: #000000; font-weight:BOLD; font-size:14px; text-decoration:; } ul{ list-style: disc outside none; margin-left: 0; } li { padding-left: 1em; } --> Symptoms Vulnerability Items are getting created with an invalid Configuration Item. It shows blank on the form but you can see a sys_id in the XML Release Jakarta Patch 8 Cause Missing records on cmdb_ci_hardware Resolution When you have a Vulnerability Item created, it is looking for the "Installed On" field on the cmdb_sam_sw_install table. Reviewing the Vulnerability Item, it was seen that it was assigned to CVE-2015-3903. With this information, we checked the Vulnerability Softwares table (https://instancename.service-now.com/sn_vul_m2m_entry_software_list.do?sysparm_query=sn_vul_entry.idSTARTSWITHCVE-2015-3903%5Esn_vul_software.display_nameSTARTSWITHPhpmyadmin%20Phpmyadmin%204.0.2), and found the Vulnerable Software was for Phpmyadmin Phpmyadmin 4.0.2. From here, we went to the Software Installations table (https://instancename.service-now.com/cmdb_sam_sw_install_list.do?sysparm_query=display_nameSTARTSWITHPhpmyadmin%20Phpmyadmin%204.0.2) and saw that the "Installed On" field is blank and is pulling in a sys_id of 76a9a04d3790200044e0bfc8bcbe5d01 which matches the null field on the Vulnerability Item. We noticed this was not being pulled in because the Hardware was missing from the cmdb_ci_hardware. Exporting from a personal dev instance and importing to an instance solved the issue and we confirmed that we could see the Configuration Item being shown on the Vulnerability Item.