HSTS Missing From HTTPS Server - port 7707

Hello, when performing vulnerability scans with the Nessus tool in Identity Manager 4.7.3 (RHEL) I get mid-level security problems reports related to "HSTS Missing From HTTPS Server" on port 7707. Doing some research I see that it is related to a embedded HTTP Jetty server. Is there a way to apply security headers?.

Plugin Name, Family, Severity, Protocol, Port, Exploit? HSTS Missing From HTTPS Server, Web Servers, Medium, TCP, 8443, No Synopsis: The remote web server is not enforcing HSTS. Description: The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS). HSTS is an optional response header that can be configured on the server to instruct the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks, SSL-stripping man-inthe-middle attacks, and weakens cookie-hijacking protections. ------------------------------------------------------------------ [root@HOST opt]# lsof -i -P -n | grep 7707 ndsd 31555 root 514u IPv6 19768604 0t0 TCP HOST-IP:7707 (LISTEN) ------------------------------------------------------------------ [root@HOST /]# curl -v -kI https://IP:7707 * About to connect() to IP port 7707 (#0) * Trying IP... * Connected to IP (IP) port 7707 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * skipping SSL peer certificate verification * SSL connection using TLS_RSA_WITH_AES_256_CBC_SHA256 * Server certificate: * subject: CN=CN,O=O * start date: Apr 17 17:24:33 2019 GMT * expire date: Apr 16 17:24:33 2021 GMT * common name: HOST * issuer: O=O,OU=OU > HEAD / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: IP:7707 > Accept: */* > < HTTP/1.1 401 Unauthorized HTTP/1.1 401 Unauthorized < Date: Mon, 21 Sep 2020 19:27:38 GMT Date: Mon, 21 Sep 2020 19:27:38 GMT < Content-Length: 0 Content-Length: 0 < Server: Jetty(9.4.z-SNAPSHOT) Server: Jetty(9.4.z-SNAPSHOT) < * Connection #0 to host IP left intact ------------------------------------------------------------------ [root@HOST /]# grep -r "7707" . ndsd 23114 root mem REG 253,8 95806 12583019 /tmp/jetty-HOST-7707-msgw_web.war-_-any-7 511687247596262565.dir/webapp/WEB-INF/lib/servlet-api-3.1.jar ndsd 23114 root mem REG 253,8 46367 12583018 /tmp/jetty-HOST-7707-msgw_web.war-_-any-7 511687247596262565.dir/webapp/WEB-INF/lib/jsr311-api-1.1.1.jar ndsd 23114 root mem REG 253,8 72478 12583017 /tmp/jetty-HOST-7707-msgw_web.war-_-any-7 511687247596262565.dir/webapp/WEB-INF/lib/jettison-1.2.jar ndsd 23114 root mem REG 253,8 1527762 12583016 /tmp/jetty-HOST-7707-msgw_web.war-_-any-7 511687247596262565.dir/webapp/WEB-INF/lib/jersey-bundle-1.18.jar ...