Security Monitoring tool may pick up on CWE-522 for Weak Authentication, for /mob and /folder of VCSA for use of Basic Authentication
vCenter Server 7.0
vCenter Server 8.0
This is not considered a vulnerability or an exploitable issue, as credentials are securely transmitted over HTTPS
Changing authentication for /mob or /Folder is not currently a feature.