It was found that the API server contains an insecure bind address. Setting an insecure bind address allows anyone to connect without an authentication and authorization to the master node.
Recommended Mitigation
It is recommended to verify that '--insecure-bind-address' does not exist in the configuration file.