There are several serious vulnerabilities in SSL (POODLE, BEAST) and early TLS (min-in-the-middle attacks). The only way to mitigate these security risks, is disabling SSLv3 and TLS 1.0 completely. These protocols should not be allowed as fallbacks on your server either.