CVE-2019-15972

HIGH

Cisco Unified Communications Manager - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-15972. PoCs published by FSecureLABS.

AI-analyzed exploit summary This repository contains functional Python scripts to exploit CVE-2019-15972, an authenticated SQL injection vulnerability in Cisco Unified Call Manager (UCM). The scripts enumerate database tables and extract their contents using blind SQLi techniques.

Description

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates SQL values. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to modify values on or return values from the underlying database.

Exploits (1)

nomisec WORKING POC 7 stars

by FSecureLABS · poc

https://github.com/FSecureLABS/Cisco-UCM-SQLi-Scripts

View Code ZIP pw:eip

This repository contains functional Python scripts to exploit CVE-2019-15972, an authenticated SQL injection vulnerability in Cisco Unified Call Manager (UCM). The scripts enumerate database tables and extract their contents using blind SQLi techniques.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: Cisco Unified Call Manager (UCM) 11.5

Auth required

Prerequisites: Valid JSESSIONID, REQUEST_TOKEN_KEY, and JSESSIONIDSSO cookies · Access to the /ccmadmin/ endpoint

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-cucm-sql

Scores

CVSS v3 8.8

EPSS 0.0160

EPSS Percentile 72.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-89

Status published

Products (4)

cisco/unified_communications_manager 10.5\(2.10000.5\)

cisco/unified_communications_manager 11.5\(1.10000.6\)

cisco/unified_communications_manager 12.0\(1.10000.10\)

cisco/unified_communications_manager 12.5\(1.10000.22\)

Published Nov 26, 2019

Tracked Since Feb 18, 2026