Agent 8.0.1 Scanned by Nessus

We are using APC PowerChute Business Edition 7.0.5 with 4 Agents of 8.0.1 on Windows Server 2003 machines. We run the Nessus security scanner against it, and it reports two "serious" problems with TCP port 2161 used by APC: SSL Server Allows Anonymous Authentication Vulnerability and SSL Server Supports Weak Encryption Vulnerability. Attaching the full output of the errors below:

SSL Weak Cipher Suites Supported
Synopsis :

The remote service supports the use of weak SSL ciphers.

Description :

The remote host supports the use of SSL ciphers that offer either weak
encryption or no encryption at all.

See also :

http://www.openssl.org/docs/apps/ciphers.html

Solution :

Reconfigure the affected application if possible to avoid use of weak
ciphers.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Plugin output :

Here is the list of weak SSL ciphers supported by the remote server :

Low Strength Ciphers (< 56-bit key)
SSLv3
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
TLSv1
EXP-EDH-RSA-DES-CBC-SHA Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-ADH-RC4-MD5 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export
EXP-DES-CBC-SHA Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC4-MD5 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}


Nessus ID : 26928

First, I'm not convinced that this isn't a false positive. Can anyone confirm that APC PowerChute uses SSL to connect between the client and management server (I think that's what port 2161 is for)? I could find nothing via Google or on the APC web site to that effect. Note that I'm just talking about PowerChute with standard Smart-UPS batteries.

Any help would be great, trying to pass scans for auditors, and this throws a couple huge yellow flags up.