A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between the samba server and client.
www.securityfocus.com/bid/105084
access.redhat.com/errata/RHSA-2018:2612
access.redhat.com/errata/RHSA-2018:2613
access.redhat.com/errata/RHSA-2018:3056
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1139
security.gentoo.org/glsa/202003-52
security.netapp.com/advisory/ntap-20180814-0001/
usn.ubuntu.com/3738-1/
www.samba.org/samba/security/CVE-2018-1139.html