User 'support' with known insecure password is available by default.
vulners.com/securityvulns/securityvulns:doc:28442
vulners.com/securityvulns/securityvulns:doc:28564