CWE-449 is a common weakness enumeration in software security. This database tracks 11 CVE vulnerabilities classified under this weakness type.

How many CVEs are classified as CWE-449?

There are 11 CVE vulnerabilities classified as CWE-449 with an average CVSS score of 5.4090909090909.

What is the severity distribution for CWE-449?

CWE-449 contains 0 critical, 0 high, 11 medium, and 0 low severity vulnerabilities.

CWE-449

Total CVEs

Vulnerabilities

Avg CVSS v3

5.4

Medium

Latest CVE

2025

Most Recent

Severity Distribution

Critical 0

High 0

Medium 11

100%

Low 0

External References

MITRE CWE

Official CWE definition

NIST NVD

Search CVEs by CWE

All CVEs (11)

Page 1 of 1

CVE-2023-43588

MEDIUM

CVSS:6.5(Medium)

Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access.

CWE-4492023

CVE-2023-43585

MEDIUM

CVSS:6.5(Medium)

Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access.

CWE-4492023

CVE-2023-39215

MEDIUM

CVSS:6.5(Medium)

Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access.

CWE-4492023

CVE-2023-39209

MEDIUM

CVSS:6.5(Medium)

Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network access.

CWE-4492023

CVE-2023-36535

MEDIUM

CVSS:6.5(Medium)

Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.

CWE-4492023