> ## Documentation Index > Fetch the complete documentation index at: https://altostrat.io/docs/llms.txt > Use this file to discover all available pages before exploring further. # List CVE Statuses > Retrieves a list of all managed CVE statuses. You can filter the results by MAC address, CVE ID, or status to find specific records. ## OpenAPI ````yaml /api/en/cve-scans.yaml get /scans/cve/mac-address/cve/status openapi: 3.0.3 info: title: Altostrat CVE Scans API version: 1.0.0 description: >- The Altostrat CVE Scans API is the microservice responsible for scheduling, executing, and reporting on network vulnerability scans. It is a core component of the Altostrat SDX platform's security posture management, providing deep insights into potential vulnerabilities across MikroTik networks to complement the platform's automation and AI capabilities. This API allows you to programmatically manage: - **Scan Schedules:** Define recurring vulnerability scans for specific network sites, including frequency, timing, and vulnerability thresholds. - **Scan Results:** Access detailed historical and in-progress scan reports, including discovered CVEs, affected hosts, and severity scores. - **Vulnerability Management:** Query specific CVEs by device (MAC address) and manage their lifecycle by marking them as accepted or mitigated. Developers use this API to integrate automated vulnerability scanning and reporting into their network management workflows and security dashboards. servers: - url: https://v1.api.altostrat.io description: Altostrat Production API Server security: - bearerAuth: [] tags: - name: Scan Schedules description: Manage the configuration and scheduling of recurring vulnerability scans. - name: Scan Execution description: Manually trigger and terminate scan jobs. - name: Scan Results description: Retrieve historical and in-progress scan reports and data. - name: Vulnerability Intelligence description: Query for specific vulnerability data and mitigation advice. - name: Vulnerability Management description: Manage the lifecycle and status of discovered vulnerabilities. paths: /scans/cve/mac-address/cve/status: get: tags: - Vulnerability Management summary: List CVE Statuses description: >- Retrieves a list of all managed CVE statuses. You can filter the results by MAC address, CVE ID, or status to find specific records. operationId: listCveStatuses parameters: - name: mac_address in: query description: Filter statuses by a specific MAC address. schema: type: string example: 00:1A:2B:3C:4D:5E - name: cve_id in: query description: Filter statuses by a specific CVE identifier. schema: type: string example: CVE-2023-1234 - name: status in: query description: Filter statuses by their current state. schema: type: string enum: - open - accepted - mitigated example: accepted responses: '200': description: A list of CVE status records matching the filter criteria. content: application/json: schema: type: array items: $ref: '#/components/schemas/MacCveStatus' '401': $ref: '#/components/responses/UnauthorizedError' '403': $ref: '#/components/responses/ForbiddenError' components: schemas: MacCveStatus: type: object properties: id: type: string format: uuid description: The unique identifier for this status record. mac_address: type: string description: The MAC address to which this status applies. example: 00:1A:2B:3C:4D:5E cve_id: type: string description: The CVE identifier to which this status applies. example: CVE-2023-1234 status: type: string description: The management status of the vulnerability. enum: - accepted - mitigated example: accepted justification: type: string description: The reason for this status assignment. example: Risk accepted due to internal-only service with no external access. scan_id: type: string format: uuid description: The ID of the scan that was active when this status was created. nullable: true expiration_date: type: string format: date-time description: The timestamp when this status will expire and revert to 'open'. nullable: true created_by: type: string format: uuid description: The ID of the user who created this status record. updated_by: type: string format: uuid description: The ID of the user who last updated this status record. created_at: type: string format: date-time description: The timestamp when this status record was created. updated_at: type: string format: date-time description: The timestamp when this status record was last updated. ErrorResponse: type: object properties: type: type: string description: A broad category for the error (e.g., 'invalid_request_error'). example: invalid_request_error code: type: string description: A short, unique string identifying the specific error. example: parameter_missing message: type: string description: A human-readable description of what went wrong. example: The 'description' parameter is required for this request. doc_url: type: string description: >- A direct link to the documentation page for this specific error code. example: https://docs.altostrat.io/errors/parameter_missing responses: UnauthorizedError: description: >- Unauthorized - The request requires authentication, but none was provided or it was invalid. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' ForbiddenError: description: >- Forbidden - The authenticated user does not have permission to perform this action. content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT description: 'Enter your bearer token in the format: Bearer {token}' ````