CVE-2019-15972 Cisco UCM SQLi Scripts

Scripts that can be used to exploit CVE-2019-15972 which was an Authenticated SQLi issue in Cisco Unified Call Manager (UCM).

Enumerate tables - enumerate all tables on the underlying database and place the table names in a text file
Extract tables - take the list of tables and extract the contents of each table
Related F-Secure advisory can be found here: https://labs.f-secure.com/advisories/cisco-ucm-informix-sql-injection/
Details on how this vulnerability was discovered and exploited can be found here: https://labs.f-secure.com/blog/uncommon-sql-database-alert-informix-sql-injection/

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
README.md		README.md
sql_injection_enumerate_tables.py		sql_injection_enumerate_tables.py
sql_injection_extract_table.py		sql_injection_extract_table.py

Provide feedback