{"id":29819,"date":"2023-11-02T12:22:12","date_gmt":"2023-11-02T06:52:12","guid":{"rendered":"https:\/\/www.tjc-group.com\/?post_type=blog&p=29819"},"modified":"2025-02-24T15:58:35","modified_gmt":"2025-02-24T10:28:35","slug":"systemes-legacy-obsolescence-ne-rime-pas-avec-securite","status":"publish","type":"blog","link":"https:\/\/www.tjc-group.com\/fr\/blogs\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\/","title":{"rendered":"Syst\u00e8mes Legacy | Obsolescence ne rime pas avec s\u00e9curit\u00e9"},"content":{"rendered":"\n

Auteur: Yannick Thommassier, CISO of TJC Group<\/p>\n\n\n\n

On pourrait croire que les syst\u00e8mes obsol\u00e8tes ne sont plus jamais concern\u00e9s par de nouvelles vuln\u00e9rabilit\u00e9s parce qu’ils ont atteint leur dernier niveau de mise \u00e0 jour disponible et qu’aucun chercheur en s\u00e9curit\u00e9 ou hacker ne va essayer de les corrompre.<\/p>\n\n\n\n

Mais il n’en est rien puisque des vuln\u00e9rabilit\u00e9s r\u00e9centes, d\u00e9couvertes sur une librairie, peuvent finalement concerner toutes les versions pr\u00e9sentes et pass\u00e9es de celle-ci.<\/p>\n\n\n\n

Prenons comme exemple les vuln\u00e9rabilit\u00e9s r\u00e9centes <\/strong>CVE-2023-38545<\/strong><\/a> et CVE-<\/strong>2023-38546<\/strong><\/a> concernant la librairie cURL<\/a>[LP1]<\/a> [LP2]<\/a> .<\/p>\n\n\n\n

Ces vuln\u00e9rabilit\u00e9s ne sont certes pas triviales \u00e0 exploiter et n\u00e9cessitent la satisfaction de plusieurs conditions pour cela. Mais elles illustrent, cependant, la probl\u00e9matique que repr\u00e9sente la d\u00e9couverte d’une vuln\u00e9rabilit\u00e9 impactant toutes les versions pr\u00e9c\u00e9dentes d’une librairie<\/strong>.<\/p>\n\n\n\n

La correction d’anciennes versions de cette librairie technique, embarqu\u00e9e dans bon nombre de syst\u00e8mes devenus obsol\u00e8tes avec le temps et plus maintenus, n’est pas du tout assur\u00e9e. <\/p>\n\n\n\n

Il faut alors esp\u00e9rer un hypoth\u00e9tique portage arri\u00e8re (back port) des corrections sur le code source de ces versions ant\u00e9rieures de la librairie, pour demeurer en s\u00e9curit\u00e9. Cela peut prendre du temps et provoquer des incompatibilit\u00e9s r\u00e9sultantes : la mont\u00e9e de version d’une librairie sur un syst\u00e8me obsol\u00e8te n’\u00e9tant pas chose facile.<\/p>\n\n\n\n

C’est pourquoi, maintenir un syst\u00e8me informatique obsol\u00e8te, m\u00eame \u00e0 jour des derniers correctifs diffus\u00e9s par l’\u00e9diteur, n’est pas s\u00fbr dans le temps.<\/strong> La conservation \u00e0 moyen ou longs termes des donn\u00e9es dans ces syst\u00e8mes n’est donc pas dans risque de s\u00e9curit\u00e9.<\/p>\n\n\n\n

Il est donc n\u00e9cessaire d’envisager le d\u00e9commissionnement de ces syst\u00e8mes et le transfert de leurs donn\u00e9es dans un service d’archivage pr\u00e9vu \u00e0 cet effet<\/strong>, moderne, robuste et maintenu \u00e0 jour, afin de conserver les donn\u00e9es avec le meilleur niveau de s\u00e9curit\u00e9.<\/p>\n\n\n\n

L’article suivant pourrait \u00e9galement vous int\u00e9resser :
https:\/\/www.tjc-group.com\/fr\/blogs\/est-il-prudent-de-conserver-des-anciennes-donnees-dans-un-systeme-legacy-sap\/<\/a><\/p>\n\n\n\n

<\/div>\n\n\n\n
\n","protected":false},"featured_media":29821,"parent":0,"menu_order":0,"template":"","meta":{"content-type":"","footnotes":""},"blog_tag":[352,196],"class_list":["post-29819","blog","type-blog","status-publish","has-post-thumbnail","hentry","blog_tag-cybersecurite","blog_tag-decommissionnement-des-systemes-legacy"],"yoast_head":"\nSyst\u00e8mes Legacy | Obsolescence ne rime pas avec s\u00e9curit\u00e9<\/title>\n<meta name=\"description\" content=\"Le maintien d'un syst\u00e8me existant, m\u00eame avec les derniers correctifs, n'est pas s\u00fbr \u00e0 long terme. D\u00e9couvrez pourquoi le d\u00e9classement est l'option la plus s\u00fbre en mati\u00e8re de s\u00e9curit\u00e9 des donn\u00e9es.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.tjc-group.com\/fr\/blogs\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Syst\u00e8mes Legacy | Obsolescence ne rime pas avec s\u00e9curit\u00e9\" \/>\n<meta property=\"og:description\" content=\"Le maintien d'un syst\u00e8me existant, m\u00eame avec les derniers correctifs, n'est pas s\u00fbr \u00e0 long terme. D\u00e9couvrez pourquoi le d\u00e9classement est l'option la plus s\u00fbre en mati\u00e8re de s\u00e9curit\u00e9 des donn\u00e9es.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.tjc-group.com\/fr\/blogs\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\/\" \/>\n<meta property=\"og:site_name\" content=\"TJC Group\" \/>\n<meta property=\"article:modified_time\" content=\"2025-02-24T10:28:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.tjc-group.com\/wp-content\/uploads\/2023\/11\/Header_web_article_cybersecurity_1920x960px.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"2500\" \/>\n\t<meta property=\"og:image:height\" content=\"1250\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@tjcsoftware\" \/>\n<meta name=\"twitter:label1\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/blogs\\\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\\\/\",\"url\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/blogs\\\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\\\/\",\"name\":\"Syst\u00e8mes Legacy | Obsolescence ne rime pas avec s\u00e9curit\u00e9\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/blogs\\\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/blogs\\\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.tjc-group.com\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/Header_web_article_cybersecurity_1920x960px.webp\",\"datePublished\":\"2023-11-02T06:52:12+00:00\",\"dateModified\":\"2025-02-24T10:28:35+00:00\",\"description\":\"Le maintien d'un syst\u00e8me existant, m\u00eame avec les derniers correctifs, n'est pas s\u00fbr \u00e0 long terme. D\u00e9couvrez pourquoi le d\u00e9classement est l'option la plus s\u00fbre en mati\u00e8re de s\u00e9curit\u00e9 des donn\u00e9es.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/blogs\\\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/blogs\\\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/blogs\\\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.tjc-group.com\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/Header_web_article_cybersecurity_1920x960px.webp\",\"contentUrl\":\"https:\\\/\\\/www.tjc-group.com\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/Header_web_article_cybersecurity_1920x960px.webp\",\"width\":2500,\"height\":1250,\"caption\":\"Legacy systems | Obsolescence doesn\u2019t go hand in hand with security\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/blogs\\\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Blog\",\"item\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/blogs\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Syst\u00e8mes Legacy | Obsolescence ne rime pas avec s\u00e9curit\u00e9\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/#website\",\"url\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/\",\"name\":\"TJC Group\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/#organization\",\"name\":\"TJC Group\",\"url\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.tjc-group.com\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/logo.svg\",\"contentUrl\":\"https:\\\/\\\/www.tjc-group.com\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/logo.svg\",\"caption\":\"TJC Group\"},\"image\":{\"@id\":\"https:\\\/\\\/www.tjc-group.com\\\/fr\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/tjcsoftware\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/tjc-group\",\"https:\\\/\\\/www.youtube.com\\\/tjcgroup\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Syst\u00e8mes Legacy | Obsolescence ne rime pas avec s\u00e9curit\u00e9","description":"Le maintien d'un syst\u00e8me existant, m\u00eame avec les derniers correctifs, n'est pas s\u00fbr \u00e0 long terme. D\u00e9couvrez pourquoi le d\u00e9classement est l'option la plus s\u00fbre en mati\u00e8re de s\u00e9curit\u00e9 des donn\u00e9es.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.tjc-group.com\/fr\/blogs\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\/","og_locale":"fr_FR","og_type":"article","og_title":"Syst\u00e8mes Legacy | Obsolescence ne rime pas avec s\u00e9curit\u00e9","og_description":"Le maintien d'un syst\u00e8me existant, m\u00eame avec les derniers correctifs, n'est pas s\u00fbr \u00e0 long terme. D\u00e9couvrez pourquoi le d\u00e9classement est l'option la plus s\u00fbre en mati\u00e8re de s\u00e9curit\u00e9 des donn\u00e9es.","og_url":"https:\/\/www.tjc-group.com\/fr\/blogs\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\/","og_site_name":"TJC Group","article_modified_time":"2025-02-24T10:28:35+00:00","og_image":[{"width":2500,"height":1250,"url":"https:\/\/www.tjc-group.com\/wp-content\/uploads\/2023\/11\/Header_web_article_cybersecurity_1920x960px.webp","type":"image\/webp"}],"twitter_card":"summary_large_image","twitter_site":"@tjcsoftware","twitter_misc":{"Dur\u00e9e de lecture estim\u00e9e":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.tjc-group.com\/fr\/blogs\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\/","url":"https:\/\/www.tjc-group.com\/fr\/blogs\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\/","name":"Syst\u00e8mes Legacy | Obsolescence ne rime pas avec s\u00e9curit\u00e9","isPartOf":{"@id":"https:\/\/www.tjc-group.com\/fr\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.tjc-group.com\/fr\/blogs\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\/#primaryimage"},"image":{"@id":"https:\/\/www.tjc-group.com\/fr\/blogs\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\/#primaryimage"},"thumbnailUrl":"https:\/\/www.tjc-group.com\/wp-content\/uploads\/2023\/11\/Header_web_article_cybersecurity_1920x960px.webp","datePublished":"2023-11-02T06:52:12+00:00","dateModified":"2025-02-24T10:28:35+00:00","description":"Le maintien d'un syst\u00e8me existant, m\u00eame avec les derniers correctifs, n'est pas s\u00fbr \u00e0 long terme. D\u00e9couvrez pourquoi le d\u00e9classement est l'option la plus s\u00fbre en mati\u00e8re de s\u00e9curit\u00e9 des donn\u00e9es.","breadcrumb":{"@id":"https:\/\/www.tjc-group.com\/fr\/blogs\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.tjc-group.com\/fr\/blogs\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.tjc-group.com\/fr\/blogs\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\/#primaryimage","url":"https:\/\/www.tjc-group.com\/wp-content\/uploads\/2023\/11\/Header_web_article_cybersecurity_1920x960px.webp","contentUrl":"https:\/\/www.tjc-group.com\/wp-content\/uploads\/2023\/11\/Header_web_article_cybersecurity_1920x960px.webp","width":2500,"height":1250,"caption":"Legacy systems | Obsolescence doesn\u2019t go hand in hand with security"},{"@type":"BreadcrumbList","@id":"https:\/\/www.tjc-group.com\/fr\/blogs\/systemes-legacy-obsolescence-ne-rime-pas-avec-securite\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.tjc-group.com\/fr\/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https:\/\/www.tjc-group.com\/fr\/blogs\/"},{"@type":"ListItem","position":3,"name":"Syst\u00e8mes Legacy | Obsolescence ne rime pas avec s\u00e9curit\u00e9"}]},{"@type":"WebSite","@id":"https:\/\/www.tjc-group.com\/fr\/#website","url":"https:\/\/www.tjc-group.com\/fr\/","name":"TJC Group","description":"","publisher":{"@id":"https:\/\/www.tjc-group.com\/fr\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.tjc-group.com\/fr\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/www.tjc-group.com\/fr\/#organization","name":"TJC Group","url":"https:\/\/www.tjc-group.com\/fr\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.tjc-group.com\/fr\/#\/schema\/logo\/image\/","url":"https:\/\/www.tjc-group.com\/wp-content\/uploads\/2021\/05\/logo.svg","contentUrl":"https:\/\/www.tjc-group.com\/wp-content\/uploads\/2021\/05\/logo.svg","caption":"TJC Group"},"image":{"@id":"https:\/\/www.tjc-group.com\/fr\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/tjcsoftware","https:\/\/www.linkedin.com\/company\/tjc-group","https:\/\/www.youtube.com\/tjcgroup"]}]}},"_links":{"self":[{"href":"https:\/\/www.tjc-group.com\/fr\/wp-json\/wp\/v2\/blog\/29819","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tjc-group.com\/fr\/wp-json\/wp\/v2\/blog"}],"about":[{"href":"https:\/\/www.tjc-group.com\/fr\/wp-json\/wp\/v2\/types\/blog"}],"version-history":[{"count":5,"href":"https:\/\/www.tjc-group.com\/fr\/wp-json\/wp\/v2\/blog\/29819\/revisions"}],"predecessor-version":[{"id":38720,"href":"https:\/\/www.tjc-group.com\/fr\/wp-json\/wp\/v2\/blog\/29819\/revisions\/38720"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tjc-group.com\/fr\/wp-json\/wp\/v2\/media\/29821"}],"wp:attachment":[{"href":"https:\/\/www.tjc-group.com\/fr\/wp-json\/wp\/v2\/media?parent=29819"}],"wp:term":[{"taxonomy":"blog_tag","embeddable":true,"href":"https:\/\/www.tjc-group.com\/fr\/wp-json\/wp\/v2\/blog_tag?post=29819"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}