CVE-2021-32639

Name of the Vulnerable Software and Affected Versions Emissary versions 6.4.0 through 6.4.0

Description Emissary is a P2P-based, data-driven workflow engine. The issue affects the RegisterPeerAction endpoint and the AddChildDirectoryAction endpoint, making them vulnerable to Server-Side Request Forgery (SSRF), which may lead to credential leaks.

Recommendations For Emissary version 6.4.0, update to version 7.0 to resolve the issue. As a temporary workaround, consider disabling network access to Emissary from untrusted sources.