This page lists publicly disclosed CVE vulnerabilities affecting microsoft dynamics_ax (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2014-0261 | Microsoft Dynamics AX 4.0 SP2, 2009 SP1, 2012, and 2012 R2 allows remote authenticated users to cause a denial of service (instance outage) via crafted data to an Application Object Server (AOS) instance, aka "Query Filter DoS Vulnerability." | [email protected] | 4.0 | 10.30% | 2014-01-15 | 2026-06-16 |
| CVE-2012-1857 | Cross-site scripting (XSS) vulnerability in the Enterprise Portal component in Microsoft Dynamics AX 2012 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Dynamics AX Enterprise Portal XSS Vulnerability." | [email protected] | 4.3 | 11.01% | 2012-06-12 | 2026-06-16 |