| Products | Versions |
|---|---|
| TIBCO Enterprise Message Service | - |
| Not Applicable | - |
The DROWN attack: "The attack works against every known SSL/TLS implementation supporting SSLv2." (excerpted from https://www.openssl.org/blog/blog/2016/03/01/an-openssl-users-guide-to-drown/)
All versions of the EMS server that support SSL use TLSv1 with all versions of the EMS client that support SSL; SSLv2 is not used. Since DROWN depends on SSLv2 support, no version of EMS is affected by it.
A penetration test of the EMS server may find that the server accepts SSLv3 connections. SSLv3 is not SSLv2, so this is not in itself a DROWN precondition, and it does not present a problem for EMS traffic either:
● Both the server and the client are coded to prefer TLSv1, so any connection between legitimate EMS participants will either succeed as TLSv1 or fail entirely.
● Unlike web browsers, the EMS client does not retry a failed connection with successively older protocol versions, so an attacker who interferes with connection attempts cannot downgrade the client to SSLv3.
EMS 8.2.2 and later link against OpenSSL 1.0.1p and, by default, offer only TLS 1.2.
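The check a pen-tester actually needs for DROWN is not whether a listener accepts SSLv3 but whether it completes an SSLv2 handshake, which is the precondition the OpenSSL advisory quoted above names. The following probe is an added example for this article, not TIBCO code and not part of the EMS product: it builds an SSLv2 CLIENT-HELLO offering all seven SSLv2 cipher kinds, parses the SERVER-HELLO if one comes back, and reports which 40-bit export kinds the server offered. The host and port on the command line are assumptions (any EMS listener under test); the sample SERVER-HELLO and TLS alert bytes are constructed so the parser can be exercised offline.

```python
# Added example (not TIBCO code): SSLv2 ClientHello probe of the kind a DROWN
# scanner uses to test whether a listener will complete an SSLv2 handshake.
# Host/port are assumptions; the sample replies below are constructed test input.
import socket
import struct
import sys
from dataclasses import dataclass
from typing import List, Optional

# CIPHER-KIND codes from the SSL 2.0 specification. A DROWN scanner offers all
# seven, including the 40-bit export kinds the attack exploits.
SSLV2_CIPHER_SPECS = {
    "SSL_CK_RC4_128_WITH_MD5": bytes.fromhex("010080"),
    "SSL_CK_RC4_128_EXPORT40_WITH_MD5": bytes.fromhex("020080"),
    "SSL_CK_RC2_128_CBC_WITH_MD5": bytes.fromhex("030080"),
    "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5": bytes.fromhex("040080"),
    "SSL_CK_IDEA_128_CBC_WITH_MD5": bytes.fromhex("050080"),
    "SSL_CK_DES_64_CBC_WITH_MD5": bytes.fromhex("060040"),
    "SSL_CK_DES_192_EDE3_CBC_WITH_MD5": bytes.fromhex("0700c0"),
}
MSG_CLIENT_HELLO = 0x01
MSG_SERVER_HELLO = 0x04
SSLV2_VERSION = 0x0002


def sslv2_record(body: bytes) -> bytes:
    """Wrap a message in the 2-byte SSLv2 record header (high bit set = no padding byte)."""
    if len(body) > 0x7FFF:
        raise ValueError("body too long for a 2-byte header")
    return struct.pack("!H", 0x8000 | len(body)) + body


def build_client_hello(challenge: bytes = b"\x00" * 16) -> bytes:
    """CLIENT-HELLO: type, version, cipher-specs-len, session-id-len, challenge-len, data."""
    specs = b"".join(SSLV2_CIPHER_SPECS.values())
    body = struct.pack("!BHHHH", MSG_CLIENT_HELLO, SSLV2_VERSION,
                       len(specs), 0, len(challenge)) + specs + challenge
    return sslv2_record(body)


def parse_record(data: bytes) -> bytes:
    """Strip the SSLv2 record header and return the message body."""
    if len(data) < 2:
        raise ValueError("short record")
    if data[0] & 0x80:                      # 2-byte header, 15-bit length
        length, hdr = ((data[0] & 0x7F) << 8) | data[1], 2
    else:                                   # 3-byte header, 14-bit length plus padding byte
        length, hdr = ((data[0] & 0x3F) << 8) | data[1], 3
    if len(data) < hdr + length:
        raise ValueError("truncated record")
    return data[hdr:hdr + length]


@dataclass
class ServerHello:
    version: int
    cert_type: int
    certificate: bytes
    cipher_specs: List[bytes]
    connection_id: bytes

    def export_ciphers(self) -> List[str]:
        """Names of the 40-bit export kinds the server offered, the ones DROWN exploits."""
        return [name for name, code in SSLV2_CIPHER_SPECS.items()
                if "EXPORT40" in name and code in self.cipher_specs]


def parse_server_hello(body: bytes) -> Optional[ServerHello]:
    """SERVER-HELLO: type, session-id-hit, cert-type, version, cert-len, specs-len, conn-id-len, data."""
    if not body or body[0] != MSG_SERVER_HELLO:
        return None
    if len(body) < 11:
        raise ValueError("short ServerHello")
    _, _hit, cert_type, version, cert_len, specs_len, conn_len = struct.unpack("!BBBHHHH", body[:11])
    if specs_len % 3 or len(body) < 11 + cert_len + specs_len + conn_len:
        raise ValueError("malformed ServerHello")
    cert = body[11:11 + cert_len]
    specs_raw = body[11 + cert_len:11 + cert_len + specs_len]
    conn_id = body[11 + cert_len + specs_len:11 + cert_len + specs_len + conn_len]
    specs = [specs_raw[i:i + 3] for i in range(0, specs_len, 3)]
    return ServerHello(version, cert_type, cert, specs, conn_id)


def build_server_hello(cert: bytes, specs: List[bytes], conn_id: bytes) -> bytes:
    """Construct a SERVER-HELLO record; used here only to fabricate offline test input."""
    raw = b"".join(specs)
    body = struct.pack("!BBBHHHH", MSG_SERVER_HELLO, 0, 1, SSLV2_VERSION,
                       len(cert), len(raw), len(conn_id)) + cert + raw + conn_id
    return sslv2_record(body)


def classify_reply(data: bytes) -> Optional[ServerHello]:
    """ServerHello if the peer answered in SSLv2; None for a TLS alert, a close, or anything else."""
    try:
        return parse_server_hello(parse_record(data))
    except ValueError:
        return None


def probe_sslv2(host: str, port: int, timeout: float = 5.0) -> Optional[ServerHello]:
    """Send an SSLv2 ClientHello to host:port and classify what comes back."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_client_hello())
        data = b""
        while len(data) < 16384:            # a certificate can make the ServerHello span several reads
            try:
                chunk = s.recv(4096)
            except socket.timeout:
                break
            if not chunk:
                break
            data += chunk
            if classify_reply(data) is not None:
                break
    return classify_reply(data)


# Constructed sample: an SSLv2 server offering RC4-128 and the 40-bit RC4 export kind.
SAMPLE_SERVER_HELLO = build_server_hello(
    cert=b"\x30\x82\x01\x00" + b"\xAA" * 16,   # fake DER prefix, not a real certificate
    specs=[SSLV2_CIPHER_SPECS["SSL_CK_RC4_128_WITH_MD5"],
           SSLV2_CIPHER_SPECS["SSL_CK_RC4_128_EXPORT40_WITH_MD5"]],
    conn_id=b"\x11" * 16)
# Constructed sample: a TLS record carrying a fatal protocol_version alert, as a
# TLS-only listener may send back instead of an SSLv2 ServerHello.
SAMPLE_TLS_ALERT = bytes.fromhex("15030100020246")

if __name__ == "__main__":
    if len(sys.argv) == 3:                   # python probe.py <host> <port>   (assumed EMS listener)
        hello = probe_sslv2(sys.argv[1], int(sys.argv[2]))
    else:
        hello = classify_reply(SAMPLE_SERVER_HELLO)
    if hello is None:
        print("no SSLv2 ServerHello: DROWN precondition not met")
    else:
        print("SSLv2 accepted; export ciphers offered:", hello.export_ciphers())
```

A result of None means the listener did not complete an SSLv2 handshake, which is the outcome expected from an EMS server. Note that DROWN is a cross-protocol attack: any other service that speaks SSLv2 and uses the same RSA key as the EMS listener also satisfies the precondition, so probe every listener sharing that key, not only the EMS port.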