Skip to main content
Glama
malloryai

Mallory MCP Server

Official
by malloryai
OverviewSchemaRelated ServersScoreDiscussions
Python
Remote

get_vulnerability_configurations

Identify affected systems and versions for a specific vulnerability using CPE standards to enable targeted remediation and accurate vulnerability assessment.

Instructions

Get configuration information for a specific vulnerability

Use this tool when you need to understand exactly which systems, products, or versions are affected by a vulnerability. This information is essential for:

  • Determining if your specific product versions are vulnerable

  • Planning targeted remediation efforts

  • Conducting accurate asset vulnerability mapping

  • Filtering out false positives in vulnerability scanning

  • Understanding the scope of affected software/hardware configurations

The configuration data follows CPE (Common Platform Enumeration) standards to precisely identify affected systems.

Args: identifier (str): The unique CVE ID or UUID of the vulnerability to retrieve. Example formats: "CVE-2023-1234" or "123e4567-e89b-12d3-a456-426614174000"

Returns: Dict[str, Any]: List of vulnerable configurations for the specified vulnerability, where each configuration contains: - uuid: Unique identifier for this configuration record - cpe_id: Identifier for this CPE configuration - set_id: Identifier for the set this configuration belongs to - is_vulnerable: Boolean indicating if this configuration is vulnerable - vendor/vendor_display_name: The vendor of the affected product - product/product_display_name: The affected product name - product_type: Type of product (e.g., "application", "os") - Version range indicators: - versionStartIncluding/versionStartExcluding: Minimum affected version - versionEndIncluding/versionEndExcluding: Maximum affected version - updateStartIncluding/updateEndIncluding: Update version specifiers - Platform details: - edition: Edition of the product - language: Language of the product - sw_edition: Software edition information - target_sw: Target software environment (e.g., "wordpress") - target_hw: Target hardware environment - other: Additional targeting information - created_at/updated_at: Timestamps for record management - cve_id: The CVE identifier associated with this configuration

An empty list indicates no specific configuration information is available.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
identifierYes

Implementation Reference

  • malloryai/mcp/tools/vulnerabilities.py:185-235 (handler)
    The core handler function for the 'get_vulnerability_configurations' MCP tool. It is registered directly via the @mcp.tool() decorator and implements the tool logic by proxying to the MalloryAI client API. Includes comprehensive docstring serving as input/output schema documentation.
    @mcp.tool()
@handle_api_errors
async def get_vulnerability_configurations(
    identifier: str,
) -> Dict[str, Any]:
    """Get configuration information for a specific vulnerability

    Use this tool when you need to understand exactly which systems, products, or versions
    are affected by a vulnerability. This information is essential for:
    - Determining if your specific product versions are vulnerable
    - Planning targeted remediation efforts
    - Conducting accurate asset vulnerability mapping
    - Filtering out false positives in vulnerability scanning
    - Understanding the scope of affected software/hardware configurations

    The configuration data follows CPE (Common Platform Enumeration) standards to precisely
    identify affected systems.

    Args:
        identifier (str): The unique CVE ID or UUID of the vulnerability to retrieve.
            Example formats: "CVE-2023-1234" or "123e4567-e89b-12d3-a456-426614174000"

    Returns:
        Dict[str, Any]: List of vulnerable configurations for the specified vulnerability,
        where each configuration contains:
            - uuid: Unique identifier for this configuration record
            - cpe_id: Identifier for this CPE configuration
            - set_id: Identifier for the set this configuration belongs to
            - is_vulnerable: Boolean indicating if this configuration is vulnerable
            - vendor/vendor_display_name: The vendor of the affected product
            - product/product_display_name: The affected product name
            - product_type: Type of product (e.g., "application", "os")
            - Version range indicators:
                - versionStartIncluding/versionStartExcluding: Minimum affected version
                - versionEndIncluding/versionEndExcluding: Maximum affected version
                - updateStartIncluding/updateEndIncluding: Update version specifiers
            - Platform details:
                - edition: Edition of the product
                - language: Language of the product
                - sw_edition: Software edition information
                - target_sw: Target software environment (e.g., "wordpress")
                - target_hw: Target hardware environment
                - other: Additional targeting information
            - created_at/updated_at: Timestamps for record management
            - cve_id: The CVE identifier associated with this configuration

        An empty list indicates no specific configuration information is available.
    """
    return await malloryai_client.vulnerabilities.get_vulnerability_configurations(
        identifier=identifier
    )
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/malloryai/mallory-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server