Skip to main content
Glama
enesjakozh
jamiesonio

DefectDojo MCP Server

by jamiesonio
OverviewSchemaRelated ServersScoreDiscussions
Python
Remote

update_finding_status

Modify the status of a vulnerability finding in DefectDojo to values like Active, Verified, or False Positive. This tool helps manage and track findings efficiently within the vulnerability management system.

Instructions

Update the status of a finding (Active, Verified, False Positive, Mitigated, Inactive)

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
finding_idYes
statusYes

Output Schema

TableJSON Schema
NameRequiredDescriptionDefault
resultYes

Implementation Reference

  • src/defectdojo/findings_tools.py:90-148 (handler)
    The main handler function that implements the tool logic: maps user-provided status strings to DefectDojo API fields, handles flag conflicts, calls the client to update the finding, and returns success/error response.
    async def update_finding_status(finding_id: int, status: str) -> Dict[str, Any]:
    """Update the status of a finding.

    Args:
        finding_id: ID of the finding to update
        status: New status for the finding (Active, Verified, False Positive, Mitigated, Inactive)

    Returns:
        Dictionary with status and data/error
    """
    data = {"active": True}  # Default to active

    # Map common status values to API fields
    status_lower = status.lower()
    if status_lower == "false positive":
        data["false_p"] = True
    elif status_lower == "verified":
        data["verified"] = True
    elif status_lower == "mitigated":
        data["active"] = False
        data["mitigated"] = True # Assuming API uses 'mitigated' boolean field
    elif status_lower == "inactive":
        data["active"] = False
    elif status_lower != "active":
        # Check against API specific values if needed, or raise error for unsupported input
        return {"status": "error", "error": f"Unsupported status: {status}. Use Active, Verified, False Positive, Mitigated, or Inactive."}

    # Clear conflicting flags if setting a specific status
    if data.get("false_p"):
        data.pop("verified", None)
        data.pop("active", None)
        data.pop("mitigated", None)
    elif data.get("verified"):
         data.pop("false_p", None)
         # Verified implies active usually, but check API docs if explicit setting is needed
         data["active"] = True
         data.pop("mitigated", None)
    elif data.get("mitigated"):
         data.pop("false_p", None)
         data.pop("verified", None)
         data["active"] = False # Mitigated implies inactive
    elif not data.get("active", True): # Handling "Inactive" case
         data.pop("false_p", None)
         data.pop("verified", None)
         data.pop("mitigated", None)
         data["active"] = False
    else: # Handling "Active" case (default or explicit)
         data.pop("false_p", None)
         data.pop("verified", None)
         data.pop("mitigated", None)
         data["active"] = True

    client = get_client()
    result = await client.update_finding(finding_id, data)

    if "error" in result:
        return {"status": "error", "error": result["error"], "details": result.get("details", "")}

    return {"status": "success", "data": result}
  • src/defectdojo/tools.py:42-45 (registration)
    Registers the update_finding_status handler function as an MCP tool with name and description.
    mcp.tool(
    name="update_finding_status",
    description="Update the status of a finding (Active, Verified, False Positive, Mitigated, Inactive)"
)(update_finding_status)

Tool Definition Quality

Score is being calculated. Check back soon.

Install Server

Other Tools

Related Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jamiesonio/defectdojo-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server