iDRAC Vulnerabilities - VNC

We have below vulnerability for Dell remote Access controller.

AT&T Virtual Network Computing (VNC) provides remote users with access to the system it is installed on. If this service is compromised, the user can gain complete control of the system.

We need to know:

1. What’s the purpose of the VNC and is it required?
2. If it’s not required, can we remove it?