-Security Advisory report mentioned below:
Disable HTTP OPTIONS method on your web server.
Web servers that respond to the OPTIONS HTTP method expose what other methods are supported by the web server, allowing attackers to narrow and intensify their efforts.
2.x, 3.x
The HTTP port is open for communication with harbor and public repository as per design : Ports for Telco Cloud Automation .
Exposure of the OPTIONS method does not significantly increase the risk of information disclosure, as TCA public documentation lists supported HTTP methods, and the attack would not give out any additional information which is not currently already publicly available.
On the other hand, OPTIONS method is used in CORS(Cross-Origin Resource Sharing) preflight request. so alert can be ignored.