Thank you for asking this question in the support community.
Unfortunately, every security audit software is different, so it is difficult to create a standard to meet all of the criteria. The Security Audit in AOS Quick Configuration Guide has valuable information about ADTRAN's ability to meet the requirements. To answer your questions, at the time of this post, AOS units support SSHv2 only. Therefore, there is no need to disable SSHv1, as it is not supported. There have been some SSL features and enhancements in AOS, but I cannot determine if upgrading will alleviate the issues noted by the auditing software. ADTRAN always recommends running the current maintenance release, as indicated on the product firmware download page.
Please, let me know if you have any additional questions. I will be happy to help in any way I can.
I am marking this assumed answered. However, if you have more to add please do not hesitate to do so.