The scanner that ran on the Windows server detected vulnerable cipher suites on the system.  Do you know if XCOM has any executables/files that may be causing the scanner application to detect the vulnerable ciphers?

XCOM r12.0 for Windows

XCOM distributes the %XCOM_HOME%\openssl.exe executable in order to generate the Sample SSL certificates with the make (makeca, makeclient, makeserver) scripts that you will find in the %XCOM_HOME%\ssl directory. 

The "openssl.exe" executable can be deleted from the %XCOM_HOME% directory, as long as you don't use the "make" scripts to generate the Sample SSL certificates.

NOTE: Please be aware that Sample SSL certificates should not be used for your secured transfers. Make sure to check with your Security team about getting the proper SSL certificates for the use of your secured transfers.