Security scans are reporting HSTS vulnerability issue on ports

Article ID: 345357

Products

VMware Smart Assurance Network Observability

Issue/Introduction

Security scans report the vulnerability "HSTS Missing From HTTPS Server". It is rated Medium risk and is one of the findings most frequently reported on networks around the world. Without HSTS, a client can be subjected to protocol downgrade and SSL-stripping man-in-the-middle attacks, and the protections against cookie hijacking are weakened.
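To reproduce what the scanner checks against a given HTTPS port before deciding whether the finding applies, here is an added example (not part of this article or of the Smarts product) that parses a response's headers and evaluates its Strict-Transport-Security policy; the one-year max-age threshold and the host/port passed to `check_port` are assumptions:

```python
import socket
import ssl

# Assumed threshold (not from the article): scanners commonly flag max-age under one year.
MIN_MAX_AGE = 31536000

def parse_response_headers(raw: str) -> dict:
    """Split a raw HTTP response into a header dict with lower-cased names."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return headers

def evaluate_hsts(headers: dict) -> dict:
    """Report what a scanner would say about the Strict-Transport-Security policy."""
    value = headers.get("strict-transport-security")
    if value is None:
        return {"present": False, "finding": "HSTS Missing From HTTPS Server"}
    max_age, include_sub, preload, finding = None, False, False, ""
    for directive in value.split(";"):  # directive names are case-insensitive
        name, _, arg = directive.strip().partition("=")
        name, arg = name.lower(), arg.strip().strip('"')
        if name == "max-age" and arg.isdigit():
            max_age = int(arg)
        elif name == "includesubdomains":
            include_sub = True
        elif name == "preload":
            preload = True
    if max_age is None:
        finding = "HSTS header present but max-age missing or invalid"
    elif max_age < MIN_MAX_AGE:  # max-age=0 also lands here: it disables HSTS
        finding = f"HSTS max-age {max_age}s is below {MIN_MAX_AGE}s"
    return {"present": True, "max_age": max_age, "include_subdomains": include_sub,
            "preload": preload, "finding": finding}

def check_port(host: str, port: int, timeout: float = 5.0) -> dict:
    """Fetch https://host:port/ headers over TLS (verification kept on) and evaluate them."""
    ctx = ssl.create_default_context()  # pass cafile=... if the server uses a private CA
    request = f"HEAD / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            tls.sendall(request)
            raw = b""
            while b"\r\n\r\n" not in raw and (chunk := tls.recv(4096)):
                raw += chunk
    return evaluate_hsts(parse_response_headers(raw.decode("latin-1")))
```

`check_port("smarts-host.example", 443)` reproduces the scanner's view of a live port; the constructed responses below show the three outcomes without any network access.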

Environment

All supported Smarts versions

Resolution

Smarts uses its HTTP port differently from web-based applications, which expose such a port exclusively as a web interface. The domain manager uses the HTTP port only for the initial handshake with Smarts clients and for interaction with other domain managers.

Smarts has no concept of cookies, so this vulnerability has no impact on Smarts.

In simple terms, Smarts uses the HTTP port for its own purpose and does not behave as a general-purpose web server, so the HSTS header does not apply to it. This vulnerability can be ignored.