diff --git a/.azure-pipelines/cve_scan.yml b/.azure-pipelines/cve_scan.yml
index cbd024add1048..2ef6248d396b2 100644
--- a/.azure-pipelines/cve_scan.yml
+++ b/.azure-pipelines/cve_scan.yml
@@ -4,14 +4,12 @@ trigger: none
 pr: none
-# This appears to be broken right now so disabling until it is fixed.
-# schedules:
-# - cron: "0 * * * *"
-# displayName: Hourly CVE scan
-# branches:
-# include:
-# - main
-# always: true
+- cron: "0 * * * *"
+ displayName: Hourly CVE scan
+ branches:
+ include:
+ - main
+ always: true
 pool:
 vmImage: "ubuntu-18.04"
diff --git a/tools/dependency/cve_scan.py b/tools/dependency/cve_scan.py
index ddb4663cb10ef..ca2d2a144253c 100755
--- a/tools/dependency/cve_scan.py
+++ b/tools/dependency/cve_scan.py
@@ -119,6 +119,11 @@ def gather_cpes(nodes, cpe_set):
 gather_cpes(cve['configurations']['nodes'], cpe_set)
 if len(cpe_set) == 0:
 continue
+
+ if not "baseMetricV3" in cve['impact']:
+ print(f"WARNING: ignoring v2 metric for {cve['cve']['CVE_data_meta']['ID']}")
+ continue
+
+ cvss_v3_score = cve['impact']['baseMetricV3']['cvssV3']['baseScore']
 cvss_v3_severity = cve['impact']['baseMetricV3']['cvssV3']['baseSeverity']
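Review bot: The re-enabled schedule in .azure-pipelines/cve_scan.yml has no `schedules:` key: the commit removes the commented `# schedules:` line, but the added lines start directly at `- cron: "0 * * * *"`, so as shown the list item follows `pr: none` at the top level. Azure Pipelines reads cron entries from under `schedules:`, so the file would most likely fail to parse or the hourly scan would never be registered. With `trigger: none` and `pr: none`, nothing else would run it, and a CVE scan that silently never runs looks the same as one that finds nothing. Add `schedules:` on its own line above `- cron:`. Indentation is flattened on this page, so confirm the nesting against the file itself.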
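Review bot: In tools/dependency/cve_scan.py the new guard drops every CVE that lacks `baseMetricV3`, and the message `ignoring v2 metric` understates this: the `continue` skips the CVE itself, so a CPE-matching vulnerability that is scored only under CVSS v2, or not yet scored, is never reported. For a dependency scanner that is a false negative, so consider falling back to the score under `baseMetricV2` when it is present. Failing that, collect the skipped IDs and list them in the final report, because a `print` is easy to miss in hourly logs. The test reads more idiomatically as `if "baseMetricV3" not in cve['impact']:`, and a message such as `WARNING: skipping {id}: no CVSS v3 metric` would describe what actually happens. The enclosing loop starts and ends outside the hunk, so how the score and severity are used afterwards is not visible here.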