An attacker could access sensitive informations using this vulnerability.
The etcd HTTP API is accessible without authentication. This can result in keys being exposed which may contain sensitive information. It will also allow a user to change and delete keys without authentication. As a result, a remote attacker can not only discern sensitive information such as usernames and passwords, but also change or delete that data.
If you have an API that doesn't have any authentication mechanism, set an authentication mechanism immediately.