Jenkins is a continuous integration server.
It was found that all SSL certificate checking was disabled by default in the Apache Maven Wagon plug-in of Jenkins. This would make it easy for an attacker to perform man-in-the-middle attacks. (CVE-2013-0253)
Users of Red Hat OpenShift Enterprise 1.1.3 are advised to upgrade to this updated package, which corrects this issue.