{
  "entrypoint_kind": "endpoint",
  "entrypoint_detail": "POST /CFIDE/main/ide.cfm?ACTION=FILEIO over the real ColdFusion Tomcat HTTP endpoint after Server Auto-Lockdown",
  "service_started": true,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "docker",
    "adobe-coldfusion-2025-update10",
    "tomcat",
    "apache2",
    "java"
  ],
  "cf_version": "2025,0,10,331899",
  "docker_image_id": "sha256:a51436584affbca07abe4909620cdd098f81737ba1e5f368410633df9474592a",
  "lockdown_installer_md5": "a4c76d478c07f91891c89d260c042318",
  "exploit_marker": "PRUVA_LOCKDOWN_RCE_1783451550-154638",
  "proof_artifacts": [
    "logs/reproduction_steps.log",
    "logs/product_identity.txt",
    "logs/official_lockdown_success.log",
    "logs/lockdown_state.txt",
    "logs/post_lockdown_auth_enabled_negative.log",
    "logs/post_lockdown_abs_read_passwd.log",
    "logs/post_lockdown_abs_write_cfide_webshell.log",
    "logs/post_lockdown_rce_tomcat.log",
    "logs/post_lockdown_apache_cfide_block.log",
    "logs/post_lockdown_traversal_negative.log"
  ],
  "notes": "confirmed: code execution under official lockdown via direct Tomcat RDS FILEIO endpoint when RDS auth is disabled; Apache connector blocks CFIDE but Tomcat port remains exploitable"
}
