Use of unencrypted http protocol can expose confidential data.
Enable this setting. From Setup, enter "Session Settings" in the Quick Find box, then select Session Settings. Then enable "Require secure connections (HTTPS)".
Time to fix
This rule is linked to Common Weakness Enumeration CWE-284 Improper Access Control.