HIGH
Source
Kube Hunter
ID
KHV030

Possible DNS Spoof

Your Kubernetes DNS setup is vulnerable to spoofing attacks which impersonate your DNS for malicious purposes.
In this case the exploited vulnerability was ARP spoofing, but other methods could be used as well.

Consider using DNS over TLS. CoreDNS (the common DNS server for Kubernetes) supports this out of the box, but your client applications might not.