Re: “unlikely event that admins have neglected to upgrade web servers”
If your hardware uses TLS 1.1 (or worse TLS 1.0, or even SSL3) and they haven't provided a firmware upgrade to fix it (and it is a fix, because those are vulnerabilities) then you should seriously be considering replacing that hardware, especially if it is in an enterprise environment. Attacks can, and do, come from within the corporate environment, and if you're using unsupported gear (such as switches, firewall devices, et al) then you have a vulnerability that should be fixed. End of.
Going from memory, the vulnerability in TLS 1.1 is currently theoretical, but could become a real threat in 5-10 years, the flaw in TLS 1.0 is exploitable by a determined attacker to e.g. hijack SSL sessions, and SSL3 is practically exploitable with a RaspPi.