I try not to think too much about getting old. It's a terrible thing, but it is better than the alternative. I can no longer pretend I am not at least seriously middle-aged and although it doesn't stop me going to an occasional club night (see you with Digitalism at Village Underground in February?), hangovers seem to take longer to clear. And my 80s cultural references don't seem resonate with customers when I am old enough to be their mother.
Similarly, software has a lifecycle - such as Discovery's, which we document here. When we released Discovery 11.3 in March 2018, the standard VM platform was based on CentOS 7, so new installation should have used that. However, we maintained an option for an in-place upgrade of existing earlier versions to 11.3 on CentOS 6. This route was taken by some customers as it was a least-effort task, that did not involve procuring new CentOS 7 VMs and migrating. It should be noted that this is the last in-place upgrade; the next release should necessitate moving to CentOS 7.
Regardless of which OS version you are running, it is highly recommended to keep up to date with our OSUs to maintained the latest stability and security fixes. Patches are obtained from the CentOS feed, which in turn is based on what Red Hat release. Their policy is that all (including security) updates for CentOS 6 will cease this year, 2020-11-21, see here. Discovery appliances are not open to the wider Internet so are not exposed to external attacks, but still contain sensitive information about an organisation's estate. Sometimes OS updates are made that fix only theoretical vulnerabilities - eg in a library that we don't use in a way that could trigger the problem. But still, it is certainly advisable and simpler to be up-to-date.
You will see that the CentOS date is a bit earlier than the end of "full support" for 11.3 on 2021-03-21. So a reasonable question is whether BMC will offer any kind of OS updates between these. I have recently learned from Product Management that all CentOS 6 updates will cease after the earlier date, in November this year. So, in order to be assured of maintaining the security of the OS, you need to plan to migrate to new CentOS 7 VMs this year (either 11.3 or the latest on-premise version at the time).
I logged Docs defect DRUD1-28495 to try and get a clarification on the main support page.