How do CVE's get imported/updated in SRAS?

CVE dictionary updates can be obtained from NIST's repository here: http://nvd.nist.gov/download.cfm

Be sure to obtain NVD/CVE XML version 1.2 and that the file specifies that mappings are included.

1. On the left navigation panel, navigate to "Policies & Controls"-->"Summary"
2. Select "Import Policy" (on right side half way down)
3. Locate the "Import CVE Dictionary" box.  (See image below)
4. Browse to and import the CVE XML file.