From e8bbf97ff751ac4a7bf8e7de82069de44166cd6f Mon Sep 17 00:00:00 2001
From: CVE Team
Date: Fri, 11 May 2018 08:36:25 -0400
Subject: [PATCH] - Added submission from ICS-CERT for ICSA-17-047-02 from 2018-04-10.
---
 2017/6xxx/CVE-2017-6015.json | 49 +++++++++++++++++++++++++++++++++---
 1 file changed, 46 insertions(+), 3 deletions(-)
diff --git a/2017/6xxx/CVE-2017-6015.json b/2017/6xxx/CVE-2017-6015.json
index 38bd851cabe..c9828d805f3 100644
--- a/2017/6xxx/CVE-2017-6015.json
+++ b/2017/6xxx/CVE-2017-6015.json
@@ -1,8 +1,32 @@
 {
 "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
+ "ASSIGNER" : "ics-cert@hq.dhs.gov",
+ "DATE_PUBLIC" : "2017-03-21T00:00:00",
 "ID" : "CVE-2017-6015",
- "STATE" : "RESERVED"
+ "STATE" : "PUBLIC"
+ },
+ "affects" : {
+ "vendor" : {
+ "vendor_data" : [
+ {
+ "product" : {
+ "product_data" : [
+ {
+ "product_name" : "FactoryTalk Activation",
+ "version" : {
+ "version_data" : [
+ {
+ "version_value" : "FactoryTalk Activation Service, Version 4.00.02 and prior versions."
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name" : "Rockwell Automation"
+ }
+ ]
+ }
 },
 "data_format" : "MITRE",
 "data_type" : "CVE",
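Review bot: `version_value` holds a sentence ("FactoryTalk Activation Service, Version 4.00.02 and prior versions.") rather than a version, so tooling that matches this record against an asset inventory cannot compare it with an installed version, and the "and prior" range is visible only to a human reader. I would record `"version_value" : "4.00.02"` and, if the schema version in use accepts it, `"version_affected" : "<="`. The same string names the component "FactoryTalk Activation Service" while `product_name` says "FactoryTalk Activation"; one name should be used in both places. `DATE_PUBLIC` is written without a timezone offset, which leaves the publication time ambiguous for consumers that sort or correlate on it.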
@@ -11,7 +35,26 @@
 "description_data" : [
 {
 "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value" : "Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute arbitrary code with elevated privileges on the system. CVSS v3 base score: 8.8, CVSS vector string: (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). Rockwell Automation has released a new version of FactoryTalk Activation, Version 4.01, which addresses the identified vulnerability. Rockwell Automation recommends upgrading to the latest version of FactoryTalk Activation, Version 4.01 or later. Rockwell Automation reported the vulnerability."
+ }
+ ]
+ },
+ "problemtype" : {
+ "problemtype_data" : [
+ {
+ "description" : [
+ {
+ "lang" : "eng",
+ "value" : "Unquoted search path or element CWE-428"
+ }
+ ]
+ }
+ ]
+ },
+ "references" : {
+ "reference_data" : [
+ {
+ "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-047-02"
 }
 ]
 }
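Review bot: The new description scopes the flaw to "version 4.00.02", while the `affects` block in the first hunk says 4.00.02 and prior versions, so anyone triaging from the description alone would under-scope exposure. I would write `FactoryTalk Activation version 4.00.02 and prior` in the description. The CVSS score and vector and the fixed version 4.01 exist only inside this free-text string, so they are not machine-readable; where the record format allows, carry them in structured fields as well (for example an `impact` block, if the schema version in use accepts it). The `problemtype` value would be easier to match on as `CWE-428: Unquoted Search Path or Element`, with the identifier leading.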