Apologies in advance if this isn't the correct forum to be posting this, but here's my issue.  I've got a Nessus network scanner on my network that I don't own/operate.  The Nessus administrators are saying that scans of my vCenter Server Appliance are coming back with a finding (specifically Plugin ID 150820 "Apache 2.4.x < 2.4.47 Multiple Vulnerabilities").  I'm running a vCenter Server Appliance 6.5 U3p (Build 17994927). 

In short, how do I answer this finding?  In longer terms: Is this a false positive?  Is there a way to patch Apache specifically (what I've been able to find online suggests this isn't supported by VMware)? Is there a future patch to be released by VMware, and, if so, is there an ETA?

Please let me know if I need to provide any amplifying information.