Skip to main content
POST
/
mac-address
/
cve
/
status
Set CVE Status Override
curl --request POST \
  --url https://api.altostrat.io/scans/cve/mac-address/cve/status \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "mac_address": "00:1A:2B:3C:4D:5E",
  "cve_id": "CVE-2021-44228",
  "status": "accepted",
  "justification": "Risk accepted due to device being in isolated network segment with restricted access."
}'
{
  "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "mac_address": "<string>",
  "cve_id": "<string>",
  "status": "open",
  "justification": "<string>",
  "scan_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "expiration_date": "2023-11-07T05:31:56Z",
  "created_by": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "updated_by": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z",
  "message": "CVE status updated successfully"
}

Authorizations

Authorization
string
header
required

Authentication token obtained via Altostrat platform login.

Body

application/json

Data required to update the status of a specific CVE on a specific MAC address.

mac_address
string
required

The MAC address of the affected device (format XX:XX:XX:XX:XX:XX or XX-XX-XX-XX-XX-XX).

Example:

"00:1A:2B:3C:4D:5E"

cve_id
string
required

The CVE ID being updated.

Example:

"CVE-2021-44228"

status
enum<string>
required

The new status to assign (risk accepted or mitigated). 'open' is the default and cannot be set via API.

Available options:
accepted,
mitigated
Example:

"accepted"

justification
string
required

Reason for the status change (e.g., compensating controls, patch applied, false positive reasoning).

Required string length: 10 - 1000
Example:

"Risk accepted due to device being in isolated network segment with restricted access."

Response

CVE status override created successfully.

Represents the status override for a CVE on a specific MAC address.

id
string<uuid>
mac_address
string
cve_id
string
status
enum<string>
Available options:
open,
accepted,
mitigated
justification
string | null
scan_id
string<uuid> | null

The scan ID during which this status was last relevant (if applicable).

expiration_date
string<date-time> | null

When this status record expires (currently set to 5 mins after creation).

created_by
string<uuid> | null

User ID who created this status record.

updated_by
string<uuid> | null

User ID who last updated this status record.

created_at
string<date-time>
updated_at
string<date-time>
message
string
Example:

"CVE status updated successfully"

I