I am getting "there are no risk assessments defined for this request" error for all change request.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-11-2024 05:56 AM
I am getting "there are no risk assessments defined for this request" error for all change request, and not able to move to next state without calculating Risk assessment.
Can someone please help and suggest something to sort this issue ASAP.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-11-2024 10:15 AM
Hi @ShikhaPuri
Is any recent changes done on risk code/ logic?
Try to repair the change risk plugin once.
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]
****************************************************************************************************************
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-16-2024 02:21 PM - edited ‎09-16-2024 02:30 PM
Is there any update to this issue? I am having the same problem. @Dr Atul G- LNG posted a suggestion to "repair the change risk plugin" but it cannot be found in the Application Manager. It keeps producing an Internal Server Error (500)
Edit: Found this by checking our test instance. The plugin lives at <instance>.service-now.com/now/app-manager/home/plugin/id/com.snc.bestpractice.change_risk/details
Performed a repair, but the issue remains. I'm opening a ticket with NOW support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-17-2024 01:43 AM
Hi @JHufford
Hi ticket is only way left now.
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]
****************************************************************************************************************
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-18-2024 07:54 AM
SN Support said the following:
Upon my further investigation, I found that the newly added assessment_condition check scripts was a result of an important security bug we found lately via PRB1782717 (attached to the case)
Basically the "CreateAssessment" script include contains a vulnerability that allow unauthenticated user to escape the sandbox and two functions below which contains a GlideFilter call with a condition that is taintable by an unauthorized user.
- matchesCondition
- checkAssessment
As a result the PRB above provide fix in patch WashingtonDC Patch 6, Washington DC Patch 4 Hot Fix 1b, as well as the new major release Xanadu.
After this fix, now you do need to at least put a condition value there for the assessment_conditions record to make sure the person who work on the change request could view the content of the risk assessment and proceed further.