Very possibly something is wrong.

If I am reading that correctly:

successful 9.1P20    3/17/2020  3/17/2020  hostname     8.3.2P2   9.1P20
                     16:43:30   17:05:01   hostname
Less than 90 minutes later 
successful 9.3P18    3/17/2020  3/17/2020  hostname     9.1P20    9.3P18
                     18:33:20   18:53:43   hostname    
About 18 hours later:
successful 9.4P8     3/18/2020  3/18/2020  hostname     9.3P18    9.4P8
                     12:32:54   12:53:53   hostname
About 2 hours later:    
successful 9.5P11    3/18/2020  3/18/2020  hostname     9.4P8     9.5P11
                     14:58:55   15:19:58   hostname   
And finally 32 minutes later: 
successful 9.7P1     3/18/2020  3/18/2020  hostname     9.5P11    9.7P1
                     15:51:29   16:16:11   hostname
 

That's really aggressive. I would never have tried that. As a rule, I like to let the upgrade settle for at least 24 hours to let any long-running background processes finish. What does "cluster upgrade-revert show" indicate?

It is possible that it is a display issue. The BUG associated with this was fixed in 9.3P6 and all releases forward

The cluster is not prod. We have 2 others to upgrade that are prod so I am using this one to experiment.

I just fixed some TLS1 issues with this - https://kb.netapp.com/app/answers/answer_view/a_id/1029776/~/how-to-harden-ontap-9-tls-configuration-

SSH still shows 7.2 after TLS fix.

There doesn't appear to be a  'cluster upgrade-revert show'  command.

hostname::*> system node upgrade-revert show

Node: hostname-01                                  Status:
                                                              complete

Status Message: The upgrade is complete.


Vers Phase      Status   Upgrade Phase Status Message
---- ---------- -------- ------------------------------------------------------
510  pre-root   applied  No upgrade is required for this phase.
510  pre-apps   applied  Upgrade successful.
510  post-apps  applied  Upgrade successful.
700  pre-root   applied  No upgrade is required for this phase.
700  pre-apps   applied  Upgrade successful.
700  post-apps  applied  Upgrade successful.
800  pre-root   applied  No upgrade is required for this phase.
800  pre-apps   applied  Upgrade successful.
800  post-apps  applied  Upgrade successful.
900  pre-root   applied  No upgrade is required for this phase.
900  pre-apps   applied  Upgrade successful.
900  post-apps  applied  Upgrade successful.
1100 pre-root   applied  No upgrade is required for this phase.
1100 pre-apps   applied  Upgrade successful.
1100 post-apps  applied  Upgrade successful.

Node: hostname-02                                  Status:
                                                              complete

Status Message: The upgrade is complete.


Vers Phase      Status   Upgrade Phase Status Message
---- ---------- -------- ------------------------------------------------------
510  pre-root   applied  No upgrade is required for this phase.
510  pre-apps   applied  Upgrade successful.
510  post-apps  applied  Upgrade successful.
700  pre-root   applied  No upgrade is required for this phase.
700  pre-apps   applied  Upgrade successful.
700  post-apps  applied  Upgrade successful.
800  pre-root   applied  No upgrade is required for this phase.
800  pre-apps   applied  Upgrade successful.
800  post-apps  applied  Upgrade successful.
900  pre-root   applied  No upgrade is required for this phase.
900  pre-apps   applied  Upgrade successful.
900  post-apps  applied  Upgrade successful.
1100 pre-root   applied  No upgrade is required for this phase.
1100 pre-apps   applied  Upgrade successful.
1100 post-apps  applied  Upgrade successful.
30 entries were displayed.

ONTAP versions 9.3-9.7 have a base version of  OpenSSH 7.2p2.

If an advisory shows a versions of ONTAP as fixed then either a patch was back ported or a configuration change was made to prevent exploit.