It was found that the API server contains an insecure port. Setting an insecure port allows anyone to connect without an authentication and authorization to the api server.
Recommended Mitigation
It is recommended to verify that '--insecure-port' is set to zero in the configuration file.