How to enforce Jenkins to use TLS 1.2

Problem: security scan reports "Vulnerabilities: 20007 - SSL Version 2 and 3 Protocol Detection" against jenkins server.

Resolution: enforce Jenkins to use TLS 1.2, update C:Program Files (x86)Jenkinsjenkins.xml, add param as below in bold red, then restart jenkins.
  <executable>%BASE%jreinjava</executable>
  <arguments>-Xrs -Xmx256m -Dhudson.lifecycle=hudson.lifecycle.WindowsServiceLifecycle -jar "%BASE%jenkins.war" -Dhttps.protocols=TLSv1.2 --httpPort=8080 --webroot="%BASE%war"</arguments>

Reference: How to enforce Jenkins to use TLS 1.2 (https://support.cloudbees.com/hc/en-us/articles/115003362911-How-to-enforce-Jenkins-to-use-TLS-1-2)
You can follow this KB to disable ciphers on your JVM Disabling Specific Ciphers In Jenkins or add this property to your Jenkins java properties -Dhttps.protocols=TLSv1.2