The security team is reporting these two Qualys scan vulnerabilities. The #13162 is supposed to have been fixed in a previous patch. There is little info from Qualys about #11827.
QID Vulnerability
11827 HTTP Security Header Not Detected
13162 Session Cookie Does Not Contain the "Secure" Attribute