kube-hunter was able to perform the action specified by the reported vulnerability (check the report for more information). This may or may not be a problem, depending on your cluster setup and preferences.
Review the RBAC permissions to Kubernetes API server for the anonymous and default service account.