Intra-cluster communication does not use TLS. The services within the NGINX Controller namespace are using cleartext protocols inside the cluster. (CVE-2021-23018)
Impact
Attackers with access to cluster may have the ability to read and modify the data being sent between services managed within the affected controller.