NTP allows you to set the clocks on your systems very accurately, to within 1 to 50 ms of the time on a central server. Knowing the exact time is extremely important for certain types of applications and protocols:
It is much easier to correlate information from multiple machines (log files, for example, when analysing a break-in attempt) when all the clocks on those machines are synchronized. It’s helpful to know exactly who was attacked, and in what order, if you’re going to understand what the attacker was after – and what might be coming next.
Some security protocols depend on an accurate source of time information to prevent “playback” attacks. Such protocols tag their communications with the current time, so that those same communications (e.g., a login/password interaction or even an entire communication) cannot be replayed later as part of an attack. This tagging can be circumvented if the clock can be set back to the time the communication was recorded.
Security Concerns:
It provides both information and possible avenues of attack for intruders. Stop security-related tasks from running or cause them to run at incorrect times. Make system and audit logs unreliable since time is alterable.
Recommended Actions
To resolve this vulnerability we would request that you check your hardware settings and all of your devices to ensure that TCP/UDP port 123 (NTP) is closed. The precise method for doing this will depend upon your make, model, and operating system of your device.
Reference Material
CVE.mitre.org is also another useful site and by searching their “CVE list” and typing in the Vulnerability they can help identify and mitigate the issue:
https://www.cvedetails.com/vulnerability-list/vendor_id-2153/NTP.html
