By default, Cassandra uses 7000 for cluster communication (7001 if SSL is enabled), 9042 for native protocol clients, 7199 for JMX, and 9160 for Cassandra Thrift RPC. Those ports are open on your virtual machine and allows all incoming traffic from the Internet. In order to keep security best practices, you should restrict access to be only from allowed IP addresses.
Recommended Mitigation
Configure networking rule to allow incoming Apache Cassandra traffic from allowed IP addresses only.
Network misconfigurations
