Skip to main content
GET
/
scans
/
cve
/
mitigation
/
{cve_id}
Get Mitigation Steps
curl --request GET \
  --url https://api.altostrat.io/scans/cve/mitigation/{cve_id} \
  --header 'Authorization: Bearer <token>'
{
  "cve_id": "CVE-2021-44228",
  "mitigation": "### Mitigation Steps for CVE-2021-44228 (Log4Shell)\n\n- **Upgrade Log4j:** The most effective mitigation is to upgrade Log4j to version `2.17.1` or later.\n- **Disable JNDI Lookups:** If upgrading is not possible, set the system property `log4j2.formatMsgNoLookups` to `true`.\n- **Remove the JndiLookup Class:** As a last resort, you can remove the `JndiLookup` class from the Log4j JAR file.\n"
}

Authorizations

โ€‹
Authorization
string
header
required

Enter your bearer token in the format: Bearer {token}

Path Parameters

โ€‹
cve_id
string
required

The CVE identifier (e.g., CVE-2021-44228).

Example:

"CVE-2021-44228"

Response

AI-generated mitigation steps for the specified CVE.

โ€‹
cve_id
string

The CVE identifier for which mitigation was requested.

Example:

"CVE-2021-44228"

โ€‹
mitigation
string

AI-generated, actionable mitigation steps in Markdown format.

Example:

"### Mitigation Steps for CVE-2021-44228 (Log4Shell)\n\n- **Upgrade Log4j:** The most effective mitigation is to upgrade Log4j to version2.17.1or later.\n- **Disable JNDI Lookups:** If upgrading is not possible, set the system propertylog4j2.formatMsgNoLookupstotrue.\n- **Remove the JndiLookup Class:** As a last resort, you can remove theJndiLookupclass from the Log4j JAR file.\n"