This entry from Security Metrics indicates that they are able to detect an open management interface such as Webconfig or SSH.
Management interfaces do not indicate a vulnerability in the security of said interfaces.
Just because a management interface is available does not mean that the security on that management interface is vulnerable or at risk to attack. Secure methods are in place to keep these management interfaces secure and unavailable to attacks.
No action required.
If you desire, you can restrict access to these management interfaces by removing them from the general incoming firewall rules and adding targeted entries in the custom firewall rules module to allow management access from specific IP addresses or subnets only.