How to identify if duplicate Vulnerable Items existIssue Description This article provides a script to identify if there are duplicate vulnerable items (VIT). A duplicate vulnerable item is defined as an entry in the sn_vul_vulnerable_item table with the same values in the cmdb_ci (Configuration Item) and vulnerability (Vulnerability) fields. Procedure 1. Open Scripts - Background from the filter navigator. 2. Paste the following script: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 var sum = 0; var gr = new GlideAggregate("sn_vul_vulnerable_item"); gr.addNotNullQuery("vulnerability"); gr.addNotNullQuery("cmdb_ci"); gr.addQuery("state", "!=", "3"); gr.addAggregate("COUNT"); gr.groupBy("cmdb_ci.sys_id"); gr.groupBy("vulnerability.sys_id"); gr.groupBy("port"); gr.query(); while (gr.next()) { var count = gr.getAggregate("COUNT"); if (count > 1) { var vul = gr.getValue("vulnerability.sys_id"); var gr1 = new GlideRecord("sn_vul_third_party_entry"); gr1.get(vul); var id = gr1.getValue("id"); if (id.indexOf("VC") < 0) { gs.info("Duplicate VI found for CI with sys_id: " + gr.getValue('cmdb_ci.sys_id') + " and Vulnerability with sys_id: " + gr.getValue('vulnerability.sys_id')); sum++; } } } gs.info("Total count: " + sum); 3. Run the script. If there are any duplicate VITs for the same configuration item and vulnerability, they will be logged. Additional Information Please note that if there are large number of vulnerable items, this script might take a few minutes to complete.