Redis and MQTT have no password set on OpenVAS 22 Community Edition

First, I’ll point out that you are correct that @bricks is the Guru of the land! :exploding_head:

To answer your question, yes, there would certainly be repercussions to requiring these services to authenticate. It’s not impossible to accomplish, but it is perhaps much easier to harden the endpoint running Greenbone. For example, SELinux can be used to restrict access to Redis or Mosquitto, allowing only certain users or processes to use it, or groups may also be used to restrict certain commands.

However, if you wanted to add password auth to Redis, for example, I believe you would have to modify the Redis config file of the openvas-scanner, redis-openvas.conf, to comment out the requirepass setting and add a password there.

Then you would have to identify all the places where Redis connections are made and add the authentication there as well. For example:

```shell
# Add password to redis cli with -a flag
redis-cli -a <password>
```

```python
import redis

# Redis URL with authentication
redis_url = "redis://:<password>@localhost:6379/0"

# Connect to Redis
r = redis.Redis.from_url(redis_url)
```

But then you have to secure the password in plaintext on the server, or decrypt it when needed, or use an environment variable? Just secure the Redis and Mosquitto MQTT processes with SELinux.

3 Likes
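The password-storage question raised in the post above, as an added example that is not the poster's or Greenbone's code: it reads the Redis password from a private file or an environment variable instead of hard-coding it, and percent-encodes it before building the URL. The variable name `REDIS_PASSWORD`, the file name `redis.pass`, the sample password and all helper names are assumptions made for illustration.

```python
import os
import stat
import tempfile
from urllib.parse import quote

def load_redis_password(env_var="REDIS_PASSWORD", path=None):
    """Return the password from a private file if given, else from the environment."""
    if path is not None:
        # Refuse a secret file that group or other users can read or write.
        if os.stat(path).st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            raise PermissionError(f"{path} must be mode 0600 or stricter")
        with open(path, encoding="utf-8") as fh:
            return fh.read().rstrip("\n")
    password = os.environ.get(env_var)
    if not password:
        raise RuntimeError(f"{env_var} is not set")
    return password

def build_redis_url(password, host="localhost", port=6379, db=0):
    """Percent-encode the password so '@', '/' or ':' cannot break the URL."""
    return f"redis://:{quote(password, safe='')}@{host}:{port}/{db}"

def redact(url):
    """Mask the password before a URL is written to a log."""
    scheme, rest = url.split("://", 1)
    return f"{scheme}://:***@{rest.rsplit('@', 1)[1]}"

def connect(url):
    """Open the connection; redis-py is imported here so the helpers work without it."""
    import redis
    return redis.Redis.from_url(url)

def demo():
    """Constructed sample: a throwaway secret file holding a constructed password."""
    with tempfile.TemporaryDirectory() as tmp:
        secret = os.path.join(tmp, "redis.pass")
        with open(secret, "w", encoding="utf-8") as fh:
            fh.write("p@ss/w:rd\n")
        os.chmod(secret, 0o600)
        url = build_redis_url(load_redis_password(path=secret))
        os.chmod(secret, 0o644)  # now world-readable: must be rejected
        try:
            load_redis_password(path=secret)
        except PermissionError:
            return url, redact(url), True
    return url, redact(url), False

if __name__ == "__main__":
    print(demo())
```

For the `redis-cli` case, the `REDISCLI_AUTH` environment variable keeps the password out of the process list and shell history, where the `-a` flag would expose it.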