I took the liberty of reformatting your post to make it more readable.
This is an unsupported version. Please update to at least version 2.1.
This is not supported right now and hardcoded here:
Patches welcome.
This is an interesting one. In 2.1 we updated the Smart Proxy to Ruby 2.5 (at least on CentOS) and dropped TLS < 1.2. That may affect it (in a positive way). Please also share the OS you are on.
At least on my CentOS 8 + Foreman Proxy 2.1:
# openssl s_client -CAfile /etc/puppetlabs/puppet/ssl/certs/ca.pem -connect $HOSTNAME:8443
...
---
No client certificate CA names sent
Requested Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:ECDSA+SHA1:RSA+SHA224:RSA+SHA1
Shared Requested Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3743 bytes and written 433 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 4096 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
...
As suggested, you should upgrade to the latest releases as older versions do have known security issues (see Foreman :: Security for the full list).
Additionally, for future reference, any security concerns should be sent to the Foreman security team directly by mail and not shared on a public forum post.