OpenSSH Vulnerabilities CVE-2023-51384 and CVE-2023-51385


Article ID: 370007


Updated On: 04-01-2025

Products

VMware vCenter Server

Issue/Introduction

Vulnerability scanners in customer environments will detect the following OpenSSH vulnerabilities:

CVE-2023-51384 priority is medium (CVSS score is 5.5)
CVE-2023-51385 priority is medium (CVSS score is 5.5)

Environment

VMware vCenter Server 7.x
VMware vCenter Server 8.x

Resolution

CVE-2023-51384 and CVE-2023-51385 are fixed in the vCenter 8.0 U3 patch.

For VCSA 7.x specifically, CVE-2023-51384 is not applicable to OpenSSH version 7.8p1.

 

Additional Information

Because OpenSSH is one of the packages that ships as part of the complete VMware vCenter Server installation bundle, we cannot upgrade it to a specific version.
Keep SSH disabled on your host unless it is required for troubleshooting purposes.

This CVE affects OpenSSH version 8.9 and above.

Run the following command to verify the version being used in the environment.
Open an SSH session to the VC and run: rpm -qa | grep -i ssh

The CVE-2023-51384 and CVE-2023-51385 vulnerabilities are fixed in OpenSSH 8.9p1-6, which is the version included in VCSA 8.0.3.00000 (8.0 U3).

There should be no impact from CVE-2023-51384 and CVE-2023-51385 on VCSA 8.0 U3.

If a security scanner still reports them, they are false positives.
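
To triage a scanner finding against the versions named above, the following added example (not Broadcom code) classifies each line of the rpm -qa | grep -i ssh output. The function name, verdict labels and sample package strings are constructed for illustration, and it assumes a package release higher than -6 still carries the fix.

```shell
#!/bin/sh
# Added example, not Broadcom code. Thresholds come only from this article:
# fixed build OpenSSH 8.9p1-6 (VCSA 8.0 U3); affected range "8.9 and above".
# Assumption: a package release higher than -6 still carries the fix.

# classify_openssh PACKAGE -> prints one verdict:
#   fixed-build  8.9p1, release >= 6: scanner finding is a false positive
#   review       8.9p1, release < 6: older than the fixed build
#   below-8.9    older than the 8.9 range the article names (e.g. 7.8p1)
#   not-covered  an OpenSSH version this article says nothing about
#   not-openssh  matched "ssh" but is not an openssh package (e.g. libssh2)
classify_openssh() {
    # Pull MAJOR MINOR PLEVEL RELEASE out of name-MAJOR.MINORpP-RELEASE...
    fields=$(printf '%s\n' "$1" | sed -n -E \
        's/^openssh(-[a-z]+)*-([0-9]+)\.([0-9]+)p([0-9]+)-([0-9]+).*/\2 \3 \4 \5/p')
    if [ -z "$fields" ]; then
        echo "not-openssh"
        return 0
    fi
    set -- $fields
    ver=$(( $1 * 100 + $2 ))        # 8.9 -> 809, 7.8 -> 708
    if [ "$ver" -lt 809 ]; then
        echo "below-8.9"
    elif [ "$ver" -eq 809 ] && [ "$3" -eq 1 ]; then
        if [ "$4" -ge 6 ]; then echo "fixed-build"; else echo "review"; fi
    else
        echo "not-covered"
    fi
}

# Constructed sample lines standing in for `rpm -qa | grep -i ssh` output.
while read -r pkg; do
    printf '%-36s %s\n' "$pkg" "$(classify_openssh "$pkg")"
done <<'EOF'
openssh-8.9p1-6.ph4.x86_64
openssh-server-8.9p1-3.ph4.x86_64
openssh-7.8p1-12.ph3.x86_64
libssh2-1.9.0-2.ph3.x86_64
EOF
```

On an appliance, replace the here-document with the real command output piped into the loop.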
