• Security scanner detects vulnerability on vCenter HA active and passive network:
  
  THREAT vulnerability SSH: SSH User Authentication Brute Force Attempt (40015)

• The SSH service need to be open for the working of vCenter HA. 

VMware vCenter Server 7.0.x
VMware vCenter Server 8.0.x

The vCenter HA networking need to open SSH accessing between vCenter HA active and passive nodes because they need to synchronize the data in time. The SSH can not be disable on vCenter HA networking to make the vCenter HA working normally.

• An exception of vCenter HA networking need to be implemented to the security scanner.
• The vCenter HA network is private which should make sure only used by vCenter HA that need to strictly prevent external SSH accessing.

SSH is required between the active and passive nodes. For more information, see FAQ: vCenter High Availability