How to configure pa-agent to use HSTS?
CVSS v3.0 Base Score
CVSS Base Score
Issue is described in RFC 6797:
The HSTS is required to tell browsers that the server should only be accessed using HTTPS instead of HTTP.
pa-agent is a web server that accepts and processes HCL requests over HTTPS.
It is not intended to communicate with pa-agent using a browser.
For the reason above there is no need to add HSTS.