Engineering could not reproduce the duplicate header error with the out-of-box ServiceNow policy and the ServiceNow instance that they have.
The did note that per the API Gateway documentation it seems that the out-of-box policy will add duplicate headers to the HTTP Routing Assertion:
The documentation mentions that the "Use HTTP Credentials from Request" option in the Authentication tab itself adds the Authorization header and adding the "Authorization" header in the Headers tab would be redundant. Hence we suggest deleting the explicit "Authorization" header entry under Headers tab in your custom ServiceNowMDT policy and test if that resolves the error you are seeing. Removing this did not impact the out-of-box policy in the testing Engineering did.