Determine if a Cisco switch or router is vulnerable

To patch or not to patch, that is the question... Well, it is when it comes to switches and routers. With Cisco (and other vendors') devices it is not so simple. There are various configurations and various feature sets.

For example, you may be running a version of IOS that has known security vulnerabilities, but your device may not be vulnerable. If there is a vulnerability in the HTTP server but your device doesn't have it enabled (no ip http server), you are not vulnerable. Obviously, the HTTP server may be enabled at some point, and this would render the device vulnerable. That's where configuration management and change control come in.

Furthermore, there are different feature sets of the same IOS version. You may be running the "IP Base" set, which doesn't support MPLS, but Nessus will show an MPLS vulnerability. So in order to determine if our device is vulnerable, we need to look at both the Cisco advisory and the configuration file. Understanding various feature
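
An added example (not from the original post) of checking a saved configuration against the commands an advisory names as a precondition, using the HTTP server case above. The sample configs are constructed, and the function names and the handling of a missing line as "unstated" (the default depends on platform and IOS version) are assumptions of this sketch.

```python
# Constructed sample configurations (not taken from real devices).
CONFIG_HTTP_OFF = """\
hostname edge-sw1
no ip http server
no ip http secure-server
interface GigabitEthernet0/1
 ip address 192.0.2.1 255.255.255.0
"""

CONFIG_HTTP_ON = """\
hostname edge-sw2
ip http server
no ip http secure-server
"""

CONFIG_SILENT = """\
hostname edge-sw3
interface GigabitEthernet0/1
 ip address 192.0.2.3 255.255.255.0
"""

# Commands a hypothetical HTTP-server advisory lists as the vulnerable condition.
HTTP_ADVISORY = ["ip http server", "ip http secure-server"]


def command_state(config, command):
    """Return 'enabled', 'disabled' or 'unstated' for one exact command."""
    state = "unstated"  # no line either way: the platform default applies
    for raw in config.splitlines():
        line = raw.strip()
        if line == command:
            return "enabled"
        if line == "no " + command:
            state = "disabled"
    return state


def exposure(config, advisory_commands):
    """Map each precondition command from the advisory to its state."""
    return {cmd: command_state(config, cmd) for cmd in advisory_commands}


def needs_review(config, advisory_commands):
    """True unless every precondition command is explicitly disabled."""
    states = exposure(config, advisory_commands).values()
    return any(state != "disabled" for state in states)
```

A device reported as "unstated" still has to be checked by hand against the default for its platform and image, and the check only holds for the configuration snapshot it was run on.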