Grafana Enterprise 8.4.6 released with high severity security fix
Blog post from Grafana Labs
Grafana Enterprise 8.4.6 has been released to address a high-severity security vulnerability (CVE-2022-24812) affecting versions 8.1.0-beta1 through 8.4.5, particularly impacting instances that have the fine-grained access control beta feature enabled and multiple API keys with different roles. The vulnerability, discovered during an internal audit, could lead to privilege escalation, so users of the affected versions urgently need to upgrade or disable the feature. Grafana Cloud instances have already been updated, and major cloud providers such as Amazon and Azure Managed Grafana have been notified and confirmed as secure. The timeline of the security issue outlines the swift response from discovery to public release. Grafana Labs provides a secure channel for reporting vulnerabilities and asks reporters not to disclose issues until fixes are announced. Security updates are communicated via the Grafana community site and blog, which offer email and RSS subscriptions for ongoing notifications.