Totally aggre with Paulius. TCP timestamps exist for a reason, and disabling them might degrade performance in a way that would be much more harmful than some exploit that would use those timestamps.
Your risk assessment probably said something like "low risk" but didn't provide much more information, right? Well, the truth is you can't exploit timestamps directly, but they can be used to gather a little more information on a possible target, like operating system or uptime. Keep your systems patched for high/medium security risks and you won't have to worry about this kind of thing.
Here are some useful links:
https://www.ietf.org/rfc/rfc1323.txt
https://raxis.com/blog/2018/06/04/goodies-for-hoodies-tcp-timestamps
https://stackoverflow.com/questions/7880383/what-benefit-is-conferred-by-tcp-timestamp
https://www.rapid7.com/db/vulnerabilities/generic-tcp-timestamp/
/Mike