https://knowledge.broadcom.com/external/article?articleId=208452
Security Centre team scan web vulnerability assessment on the spectrum one click. They have found HTTP Strict Transport Security (HSTS) not implemented.
"HTTP Strict Transport Security (HSTS) tells a browser that a web site is only accessible using HTTPS. It was
detected that your web application doesn't implement HTTP Strict Transport Security (HSTS) as the Strict
Transport Security header is missing from the response."
Release : 10.4.1
Component : Spectrum Core / SpectroSERVER
This has been addressed in Spectrum 10.4.3 version.
Recommended to implement HTTP Strict Transport Security (HSTS) into web application.
https://knowledge.broadcom.com/external/article?articleId=208452