Impact The ADFS replication service can be abused to steal the token signing cert as the service is not encrypted and does not require authentication to access. Solution (for single ADFS server) Apply a firewall rule so that inbound tcp/80 ...
Tag: mitigation