get_cpes
Retrieve Common Platform Enumeration (CPE) data for software products to identify vulnerabilities and enhance cybersecurity assessments.
Instructions
Get Common Platform Enumeration (CPE) information for products
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| product | No | Product name to search for (e.g., 'apache', 'windows') | |
| vendor | No | Vendor name to filter by (e.g., 'microsoft', 'apache') | |
| version | No | Version to filter by (e.g., '2.4.1') | |
| limit | No | Maximum number of results to return (default: 10) | |
| skip | No | Number of results to skip for pagination (default: 0) |
Implementation Reference
- src/index.ts:1888-1924 (handler)MCP CallToolRequestSchema handler case for 'get_cpes' tool. Parses arguments into options and delegates to CVEDBClient.getCpes method, returning formatted JSON response or error.case "get_cpes": { const options: any = {}; if (request.params.arguments?.product) { options.product = String(request.params.arguments.product); } if (request.params.arguments?.vendor) { options.vendor = String(request.params.arguments.vendor); } if (request.params.arguments?.version) { options.version = String(request.params.arguments.version); } if (request.params.arguments?.limit) { options.limit = Number(request.params.arguments.limit); } if (request.params.arguments?.skip) { options.skip = Number(request.params.arguments.skip); } try { const cpeResults = await cvedbClient.getCpes(options); return { content: [{ type: "text", text: JSON.stringify(cpeResults, null, 2) }] }; } catch (error) { if (error instanceof McpError) { throw error; } throw new McpError( ErrorCode.InternalError, `Error getting CPEs: ${(error as Error).message}` ); } }
- src/index.ts:716-743 (helper)Core helper method in CVEDBClient class that performs HTTP GET to CVEDB API /cpes endpoint with optional query parameters for filtering CPEs by product, vendor, version, and pagination.async getCpes(options: { product?: string; vendor?: string; version?: string; limit?: number; skip?: number; } = {}): Promise<any> { try { const params: any = {}; if (options.product) params.product = options.product; if (options.vendor) params.vendor = options.vendor; if (options.version) params.version = options.version; if (options.limit) params.limit = options.limit; if (options.skip) params.skip = options.skip; const response = await this.axiosInstance.get("/cpes", { params }); return response.data; } catch (error: unknown) { if (axios.isAxiosError(error)) { throw new McpError( ErrorCode.InternalError, `CVEDB API error: ${error.response?.data?.error || error.message}` ); } throw error; } }
- src/index.ts:1211-1237 (schema)Input schema definition and registration for the 'get_cpes' tool in the ListToolsRequestSchema response, specifying parameters for product, vendor, version, limit, and skip.name: "get_cpes", description: "Get Common Platform Enumeration (CPE) information for products", inputSchema: { type: "object", properties: { product: { type: "string", description: "Product name to search for (e.g., 'apache', 'windows')" }, vendor: { type: "string", description: "Vendor name to filter by (e.g., 'microsoft', 'apache')" }, version: { type: "string", description: "Version to filter by (e.g., '2.4.1')" }, limit: { type: "number", description: "Maximum number of results to return (default: 10)" }, skip: { type: "number", description: "Number of results to skip for pagination (default: 0)" } } }
- src/index.ts:875-1280 (registration)Tool registration via ListToolsRequestSchema handler that includes 'get_cpes' in the list of available tools with its schema.server.setRequestHandler(ListToolsRequestSchema, async () => { return { tools: [ { name: "get_host_info", description: "Get detailed information about a specific IP address", inputSchema: { type: "object", properties: { ip: { type: "string", description: "IP address to look up" }, max_items: { type: "number", description: "Maximum number of items to include in arrays (default: 5)" }, fields: { type: "array", items: { type: "string" }, description: "List of fields to include in the results (e.g., ['ip_str', 'ports', 'location.country_name'])" } }, required: ["ip"] } }, { name: "search_shodan", description: "Search Shodan's database for devices and services", inputSchema: { type: "object", properties: { query: { type: "string", description: "Shodan search query (e.g., 'apache country:US')" }, page: { type: "number", description: "Page number for results pagination (default: 1)" }, facets: { type: "array", items: { type: "string" }, description: "List of facets to include in the search results (e.g., ['country', 'org'])" }, max_items: { type: "number", description: "Maximum number of items to include in arrays (default: 5)" }, fields: { type: "array", items: { type: "string" }, description: "List of fields to include in the results (e.g., ['ip_str', 'ports', 'location.country_name'])" }, summarize: { type: "boolean", description: "Whether to return a summary of the results instead of the full data (default: false)" } }, required: ["query"] } }, { name: "scan_network_range", description: "Scan a network range (CIDR notation) for devices", inputSchema: { type: "object", properties: { cidr: { type: "string", description: "Network range in CIDR notation (e.g., 192.168.1.0/24)" }, max_items: { type: "number", description: "Maximum number of items to include in results (default: 5)" }, fields: { type: "array", items: { type: "string" }, description: "List of fields to include in the results (e.g., ['ip_str', 'ports', 'location.country_name'])" } }, required: ["cidr"] } }, { name: "get_ssl_info", description: "Get SSL certificate information for a domain", inputSchema: { type: "object", properties: { domain: { type: "string", description: "Domain name to look up SSL certificates for (e.g., example.com)" } }, required: ["domain"] } }, { name: "search_iot_devices", description: "Search for specific types of IoT devices", inputSchema: { type: "object", properties: { device_type: { type: "string", description: "Type of IoT device to search for (e.g., 'webcam', 'router', 'smart tv')" }, country: { type: "string", description: "Optional country code to limit search (e.g., 'US', 'DE')" }, max_items: { type: "number", description: "Maximum number of items to include in results (default: 5)" } }, required: ["device_type"] } }, { name: "get_host_count", description: "Get the count of hosts matching a search query without consuming query credits", inputSchema: { type: "object", properties: { query: { type: "string", description: "Shodan search query to count hosts for" }, facets: { type: "array", items: { type: "string" }, description: "List of facets to include in the count results (e.g., ['country', 'org'])" } }, required: ["query"] } }, { name: "list_search_facets", description: "List all available search facets that can be used with Shodan queries", inputSchema: { type: "object", properties: {} } }, { name: "list_search_filters", description: "List all available search filters that can be used in Shodan queries", inputSchema: { type: "object", properties: {} } }, { name: "parse_search_tokens", description: "Parse a search query to understand which filters and parameters are being used", inputSchema: { type: "object", properties: { query: { type: "string", description: "Shodan search query to parse and analyze" } }, required: ["query"] } }, { name: "list_ports", description: "List all ports that Shodan crawls on the Internet", inputSchema: { type: "object", properties: {} } }, { name: "list_protocols", description: "List all protocols that can be used when performing on-demand Internet scans", inputSchema: { type: "object", properties: {} } }, { name: "get_api_info", description: "Get information about your API plan including credits and limits", inputSchema: { type: "object", properties: {} } }, { name: "get_my_ip", description: "Get your current IP address as seen from the Internet", inputSchema: { type: "object", properties: {} } }, { name: "dns_lookup", description: "Resolve hostnames to IP addresses using DNS lookup", inputSchema: { type: "object", properties: { hostnames: { type: "array", items: { type: "string" }, description: "List of hostnames to resolve (e.g., ['google.com', 'facebook.com'])" } }, required: ["hostnames"] } }, { name: "reverse_dns_lookup", description: "Get hostnames for IP addresses using reverse DNS lookup", inputSchema: { type: "object", properties: { ips: { type: "array", items: { type: "string" }, description: "List of IP addresses to lookup (e.g., ['8.8.8.8', '1.1.1.1'])" } }, required: ["ips"] } }, { name: "get_domain_info", description: "Get comprehensive domain information including subdomains and DNS records", inputSchema: { type: "object", properties: { domain: { type: "string", description: "Domain name to lookup (e.g., 'google.com')" }, history: { type: "boolean", description: "Include historical DNS data (default: false)" }, type: { type: "string", description: "DNS record type filter (A, AAAA, CNAME, NS, SOA, MX, TXT)" }, page: { type: "number", description: "Page number for pagination (default: 1)" } }, required: ["domain"] } }, { name: "get_account_profile", description: "Get account profile information including membership status and credits", inputSchema: { type: "object", properties: {} } }, { name: "get_cve_info", description: "Get detailed information about a specific CVE", inputSchema: { type: "object", properties: { cve_id: { type: "string", description: "CVE ID to look up (e.g., 'CVE-2021-44228')" } }, required: ["cve_id"] } }, { name: "search_cves", description: "Search for vulnerabilities with various filters", inputSchema: { type: "object", properties: { cpe23: { type: "string", description: "CPE 2.3 string to search for (e.g., 'cpe:2.3:a:apache:log4j:*')" }, product: { type: "string", description: "Product name to search for vulnerabilities (e.g., 'apache', 'windows')" }, is_kev: { type: "boolean", description: "Filter for Known Exploited Vulnerabilities only" }, sort_by_epss: { type: "boolean", description: "Sort results by EPSS score (Exploit Prediction Scoring System)" }, start_date: { type: "string", description: "Start date for filtering CVEs (YYYY-MM-DD format)" }, end_date: { type: "string", description: "End date for filtering CVEs (YYYY-MM-DD format)" }, limit: { type: "number", description: "Maximum number of results to return (default: 10)" }, skip: { type: "number", description: "Number of results to skip for pagination (default: 0)" } } } }, { name: "get_cpes", description: "Get Common Platform Enumeration (CPE) information for products", inputSchema: { type: "object", properties: { product: { type: "string", description: "Product name to search for (e.g., 'apache', 'windows')" }, vendor: { type: "string", description: "Vendor name to filter by (e.g., 'microsoft', 'apache')" }, version: { type: "string", description: "Version to filter by (e.g., '2.4.1')" }, limit: { type: "number", description: "Maximum number of results to return (default: 10)" }, skip: { type: "number", description: "Number of results to skip for pagination (default: 0)" } } } }, { name: "get_newest_cves", description: "Get the newest vulnerabilities from the CVE database", inputSchema: { type: "object", properties: { limit: { type: "number", description: "Maximum number of results to return (default: 10)" } } } }, { name: "get_kev_cves", description: "Get Known Exploited Vulnerabilities (KEV) from CISA", inputSchema: { type: "object", properties: { limit: { type: "number", description: "Maximum number of results to return (default: 10)" } } } }, { name: "get_cves_by_epss", description: "Get CVEs sorted by EPSS score (Exploit Prediction Scoring System)", inputSchema: { type: "object", properties: { limit: { type: "number", description: "Maximum number of results to return (default: 10)" } } } } ] }; });