Is Netcool / WebGUI affected by the HTTP Public-Key-Pins header vulnerability?

Using Netcool WebGUI 8.1, a HP WebInspect application scan was conducted and a vulnerability was found related to hostile pinning attacks.

Execution: Access https://IP-Address:16310/ibm/console/logon.jsp in a browser configured to use a proxy. Inspect response headers.
HTTP Public-Key-Pins header is not present in the list of headers.

Fix: The Public-Key-Pins header should be used to protect site.

Is it possible to enable the Public-Key-Pins header? If so, how is that done?

Related: