Security Advisory Impact
This advisory impacts the following products:
CloudBees CI
All Security Advisories

CloudBees CI Security Advisory 2023-02-08

This advisory announces vulnerabilities in CloudBees CI

CloudBees backup SSH used insecure SSH connection

Severity (CVSS): Medium
Affected plugin: CloudBees Backup

In the CloudBees Backups plugin, SFTP stores used an insecure SSH connection.

It is now possible to configure a server key verification strategy for SFTP stores to ensure a secure SSH connection.



  • CloudBees Traditional Platforms should be upgraded to 2.375.3.3

  • CloudBees Cloud Platforms should be upgraded to 2.375.3.3