Get CVEs by MAC Address

curl --request POST \
  --url https://api.altostrat.io/scans/cve/mac-address/cves \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "mac_addresses": [
    "00:1A:2B:3C:4D:5E",
    "08:00:27:7C:2E:5A"
  ]
}
'

{
  "mac_addresses": [
    "00:1A:2B:3C:4D:5E"
  ],
  "total_scans": 5,
  "total_cve_instances": 23,
  "total_host_count": 8,
  "mac_stats": {},
  "stats": {
    "unique_cve_count": 15,
    "highest_score": 9.8,
    "average_score": 7.5
  },
  "cves": [
    {
      "id": "9c46d2a1-1234-5678-9abc-def012345678",
      "cve_id": "CVE-2021-44228",
      "description": "Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints.",
      "published_at": "2021-12-10T11:15:00Z",
      "created_at": "2025-10-29T12:10:00Z",
      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "score": 10,
      "severity": "CRITICAL",
      "scan_id": "9c46a6f1-a8d8-4f5a-9b2f-7d1b3e9c5a1d",
      "compliance_tags": [
        "PCI-DSS",
        "HIPAA",
        "NIST"
      ],
      "host": {
        "id": "9c46d4e5-a1b2-c3d4-e5f6-a1b2c3d4e5f6",
        "hostname": "fileserver.local",
        "mac_address": "00:1A:2B:3C:4D:5E",
        "manufacturer": "Apple, Inc.",
        "ip_address": "192.168.1.101"
      },
      "status": "open",
      "other_occurrences": [
        {
          "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
          "scan_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
          "host_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
          "created_at": "2023-11-07T05:31:56Z"
        }
      ]
    }
  ]
}

POST

scans

cve

mac-address

cves

Get CVEs by MAC Address

curl --request POST \
  --url https://api.altostrat.io/scans/cve/mac-address/cves \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "mac_addresses": [
    "00:1A:2B:3C:4D:5E",
    "08:00:27:7C:2E:5A"
  ]
}
'

{
  "mac_addresses": [
    "00:1A:2B:3C:4D:5E"
  ],
  "total_scans": 5,
  "total_cve_instances": 23,
  "total_host_count": 8,
  "mac_stats": {},
  "stats": {
    "unique_cve_count": 15,
    "highest_score": 9.8,
    "average_score": 7.5
  },
  "cves": [
    {
      "id": "9c46d2a1-1234-5678-9abc-def012345678",
      "cve_id": "CVE-2021-44228",
      "description": "Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints.",
      "published_at": "2021-12-10T11:15:00Z",
      "created_at": "2025-10-29T12:10:00Z",
      "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "score": 10,
      "severity": "CRITICAL",
      "scan_id": "9c46a6f1-a8d8-4f5a-9b2f-7d1b3e9c5a1d",
      "compliance_tags": [
        "PCI-DSS",
        "HIPAA",
        "NIST"
      ],
      "host": {
        "id": "9c46d4e5-a1b2-c3d4-e5f6-a1b2c3d4e5f6",
        "hostname": "fileserver.local",
        "mac_address": "00:1A:2B:3C:4D:5E",
        "manufacturer": "Apple, Inc.",
        "ip_address": "192.168.1.101"
      },
      "status": "open",
      "other_occurrences": [
        {
          "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
          "scan_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
          "host_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
          "created_at": "2023-11-07T05:31:56Z"
        }
      ]
    }
  ]
}

Authorizations

Authorization

string

header

required

Enter your bearer token in the format: Bearer {token}

Body

application/json

A list of MAC addresses to query.

mac_addresses

string[]

required

An array of one or more MAC addresses to search for.

Response

A detailed list of CVEs found for the specified MAC addresses.

A comprehensive report of vulnerabilities for the requested MAC addresses.

mac_addresses

string[]

The list of MAC addresses included in this report.

Example:

["00:1A:2B:3C:4D:5E"]

total_scans

integer

The total number of unique scans where these MACs were found.

Example:

5

total_cve_instances

integer

The total number of vulnerability instances found across all scans for these MACs.

Example:

23

total_host_count

integer

The total number of host records (IP/port combinations) associated with these MACs.

Example:

8

mac_stats

object

A breakdown of vulnerability statistics for each requested MAC address.

Show child attributes

mac_stats.{key}

object

Show child attributes

mac_stats.{key}.total_cve_instances

integer

Example:

23

mac_stats.{key}.unique_cve_count

integer

Example:

12

mac_stats.{key}.highest_score

number<float>

Example:

9.8

mac_stats.{key}.average_score

number<float>

Example:

7.2

mac_stats.{key}.hosts

integer

Example:

8

stats

object

Aggregated statistics across all requested MAC addresses.

Show child attributes

stats.unique_cve_count

integer

Example:

15

stats.highest_score

number<float>

Example:

9.8

stats.average_score

number<float>

Example:

7.5

cves

object[]

A list of unique vulnerabilities found, along with their occurrences.

Show child attributes

cves.id

string<uuid>

The unique identifier for this specific CVE instance.

Example:

"9c46d2a1-1234-5678-9abc-def012345678"

cves.cve_id

string

The official CVE identifier.

Example:

"CVE-2021-44228"

cves.description

string

A detailed description of the vulnerability.

Example:

"Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints."

cves.published_at

string<date-time>

The date the CVE was published by NVD.

Example:

"2021-12-10T11:15:00Z"

cves.created_at

string<date-time>

The timestamp of the scan that discovered this vulnerability.

Example:

"2025-10-29T12:10:00Z"

cves.vector

string

The CVSS vector string providing detailed metrics.

Example:

"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"

cves.score

number<float>

The CVSS base score.

Example:

10

cves.severity

enum<string>

The severity level of the vulnerability.

Available options:

NONE,

LOW,

MEDIUM,

HIGH,

CRITICAL

Example:

"CRITICAL"

cves.scan_id

string<uuid>

The ID of the scan in which this CVE was found.

Example:

"9c46a6f1-a8d8-4f5a-9b2f-7d1b3e9c5a1d"

cves.compliance_tags

string[]

A list of compliance standards potentially impacted by this vulnerability.

Example:

["PCI-DSS", "HIPAA", "NIST"]

cves.host

object

Show child attributes

cves.host.id

string<uuid>

The unique identifier for the host record.

Example:

"9c46d4e5-a1b2-c3d4-e5f6-a1b2c3d4e5f6"

cves.host.hostname

string | null

The discovered hostname of the device.

Example:

"fileserver.local"

cves.host.mac_address

string

The MAC address of the device.

Example:

"00:1A:2B:3C:4D:5E"

cves.host.manufacturer

string | null

The manufacturer of the device, inferred from the MAC address.

Example:

"Apple, Inc."

cves.host.ip_address

string<ipv4>

The IP address of the device at the time of the scan.

Example:

"192.168.1.101"

cves.status

enum<string>

The current management status of this CVE for the associated device.

Available options:

open,

accepted,

mitigated

Example:

"open"

cves.other_occurrences

object[]

A list of other times this same CVE was found for this MAC address.

Show child attributes

cves.other_occurrences.id

string<uuid>

The unique ID of the CVE instance.

cves.other_occurrences.scan_id

string<uuid>

The ID of the scan where this occurrence was found.

cves.other_occurrences.host_id

string<uuid>

The ID of the host where this occurrence was found.

cves.other_occurrences.created_at

string<date-time>

The start time of the scan where this was found.

Get Latest Scan Status

List All Scanned MAC Addresses

⌘I

Getting Started

Platform & Identity

Device Management & Orchestration

Automation & AI

Network Services & Connectivity

Security & Threat Management

Monitoring & Analytics

Core Services & Utilities

Get CVEs by MAC Address

Authorizations

Body

Response