ServiceNow Put_Incident_Attachment does NOT decode the base64 encoded string

mwu-at-work · January 25, 2022, 1:39am

There is a bug in ServiceNow Plugin, “Put Incident Attachment” Action.
The input parameter of attachment indicates it should be base64 encoded, I give a base64 encoded string, for example,
UmFwaWQ3IEluc2lnaHRDb25uZWN0Cg==
This Action call will NOT decode the base64 string, it will just attach “as-is” plus the double quotes before and after the base64 string. In the ServiceNow incident, upon inspecting the content of the attachment attached by the workflow, I will find the content of the attachment is like the following:
“UmFwaWQ3IEluc2lnaHRDb25uZWN0Cg==”

It appears the Action “forget” to base64 decode the input before attaching it.

Changes of different MIME types including using a customized one (OTHER) do not make any difference.

I believe it is a bug that need to be fixed, the problem can be repeated.
Plugin version in question is the 6.0.0.0

holly_wilsey · February 8, 2022, 4:20pm

I wanted to let you know that we went ahead and put in a ticket for this particular action in ServiceNow so we can further investigate and make any updates needed. Thanks for letting us know!

mwu-at-work · February 8, 2022, 8:20pm

I made a suggested change in the github as well, feel free to take a look there.

bindu_laxminarayan · April 4, 2022, 2:48pm

@mwu-at-work - the defect is fixed in the version 6.0.1- Rapid7 Extensions . Can you please update and let is know if you still run into issues.