> ## Documentation Index > Fetch the complete documentation index at: https://altostrat.io/docs/llms.txt > Use this file to discover all available pages before exploring further. # List All Scanned MAC Addresses > Retrieves a list of all unique MAC addresses that have been discovered across all scans for your account. This can be used to populate a device inventory or to discover which devices to query for CVEs. ## OpenAPI ````yaml /api/en/cve-scans.yaml get /scans/cve/mac-address/cve/list openapi: 3.0.3 info: title: Altostrat CVE Scans API version: 1.0.0 description: >- The Altostrat CVE Scans API is the microservice responsible for scheduling, executing, and reporting on network vulnerability scans. It is a core component of the Altostrat SDX platform's security posture management, providing deep insights into potential vulnerabilities across MikroTik networks to complement the platform's automation and AI capabilities. This API allows you to programmatically manage: - **Scan Schedules:** Define recurring vulnerability scans for specific network sites, including frequency, timing, and vulnerability thresholds. - **Scan Results:** Access detailed historical and in-progress scan reports, including discovered CVEs, affected hosts, and severity scores. - **Vulnerability Management:** Query specific CVEs by device (MAC address) and manage their lifecycle by marking them as accepted or mitigated. Developers use this API to integrate automated vulnerability scanning and reporting into their network management workflows and security dashboards. servers: - url: https://v1.api.altostrat.io description: Altostrat Production API Server security: - bearerAuth: [] tags: - name: Scan Schedules description: Manage the configuration and scheduling of recurring vulnerability scans. - name: Scan Execution description: Manually trigger and terminate scan jobs. - name: Scan Results description: Retrieve historical and in-progress scan reports and data. - name: Vulnerability Intelligence description: Query for specific vulnerability data and mitigation advice. - name: Vulnerability Management description: Manage the lifecycle and status of discovered vulnerabilities. paths: /scans/cve/mac-address/cve/list: get: tags: - Vulnerability Intelligence summary: List All Scanned MAC Addresses description: >- Retrieves a list of all unique MAC addresses that have been discovered across all scans for your account. This can be used to populate a device inventory or to discover which devices to query for CVEs. operationId: listAllMacs responses: '200': description: A list of MAC address statistics. content: application/json: schema: type: array items: $ref: '#/components/schemas/MacAddressCveStat' '204': description: No MAC addresses found for this customer. '401': $ref: '#/components/responses/UnauthorizedError' '403': $ref: '#/components/responses/ForbiddenError' components: schemas: MacAddressCveStat: type: object description: A summary of vulnerability statistics for a single MAC address. properties: mac_address: type: string example: 08:00:27:7C:2E:5A total_scans: type: integer example: 3 total_cve_instances: type: integer example: 15 stats: type: object properties: unique_cve_count: type: integer example: 8 highest_score: type: number format: float example: 8.8 average_score: type: number format: float example: 6.5 ErrorResponse: type: object properties: type: type: string description: A broad category for the error (e.g., 'invalid_request_error'). example: invalid_request_error code: type: string description: A short, unique string identifying the specific error. example: parameter_missing message: type: string description: A human-readable description of what went wrong. example: The 'description' parameter is required for this request. doc_url: type: string description: >- A direct link to the documentation page for this specific error code. example: https://docs.altostrat.io/errors/parameter_missing responses: UnauthorizedError: description: >- Unauthorized - The request requires authentication, but none was provided or it was invalid. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' ForbiddenError: description: >- Forbidden - The authenticated user does not have permission to perform this action. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT description: 'Enter your bearer token in the format: Bearer {token}' ````