CVE-2014-2880

Oracle Identity Manager 11.1.1.5, 11.1.1.7, 11.1.2.1, 11.1.2.2 - Open Redirect via backUrl Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-2880. PoCs published by Giuseppe D'Amore.

AI-analyzed exploit summary This advisory describes an unvalidated redirect vulnerability in Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0). The issue allows an attacker to redirect users to a malicious domain after a password change procedure via a crafted URL.

Description

Open redirect vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backUrl parameter in a changepwd action to identity/faces/firstlogin.

Exploits (1)

exploitdb WRITEUP
by Giuseppe D'Amore · textwebappsphp
https://www.exploit-db.com/exploits/32670

This advisory describes an unvalidated redirect vulnerability in Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0). The issue allows an attacker to redirect users to a malicious domain after a password change procedure via a crafted URL.

Classification
Writeup 100%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0)
No auth needed
Prerequisites: A legitimate user must click on a crafted URL
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/32670
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/66615
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/105384

Scores

EPSS 0.0842
EPSS Percentile 94.3%

Details

CWE
CWE-20
Status published
Products (1)
oracle/identity_manager 11.1.2.1.0
Published Apr 17, 2014
Tracked Since Feb 18, 2026