Spring Boot Actuator exposes several endpoints that may be enabled and accessible. Most of these endpoints expose sensitive information about a running application and thus should be disabled or secured.
Details on the endpoints can be found here: https://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-endpoints.html