samba is vulnerable to man-in-the-middle (MitM) attacks. The vulnerability exists as it was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce “SMB signing” when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
www.securityfocus.com/bid/101554
access.redhat.com/errata/RHSA-2017:2858
access.redhat.com/errata/RHSA-2017:3110
access.redhat.com/security/cve/CVE-2017-15085
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1505787
bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15085